Zero Trust 1.2 Flashcards
Describe ZERO TRUST
- A holistic approach to network security in which users must authenticate every time they try to access a resource.
Through a ZERO TRUST policy, what are some SECURITY CHECKS that can be implemented?
- Multi-factor authentication, encryption, system permissions, additional firewalls, monitoring and analytics, and security policies and controls.
What is the purpose of SEPARATE FUNCTIONAL PLANES OF OPERATIONS?
- Breaking down a security device or system into smaller individual components.
Describe the DATA PLANE.
- The part that is performing the actual security processes.
- Manages the processes of frames, packets, and network data.
- Manages the process of moving data from one network to another.
Describe the CONTROL PLANE.
- Manages the actions of the data plane.
- Defines policies and rules.
- Determines how packets should be forwarded.
How can security controls be evaluated using ADAPTIVE IDENTITY?
- Examining the identity of the individual along with other information.
What are some considerations when using ADAPTIVE IDENTITY?
- Consider the source and the requested resources.
- Multiple risk indicators - relationship to the organization, physical location, type of connection, IP addresses, etc.
- Make the authentication stronger, if needed.
How is ZERO TRUST controlled using THREAT SCOPE REDUCTION?
- Limit how many places can be used to get into the network.
What is the purpose of POLICY DRIVEN ACCESS CONTROL?
- Examines all data endpoints and determines the type of authentication process.
- Combines the adaptive identity with a predefined set of rules.
How can establishing SECURITY ZONES assist in authenticating users?
- Security zones validate the location from where the user is accessing a system and where the data is being sent to.
- Allows setting rules for a particular zone or location.
Describe the purpose of a POLICY ENFORCEMENT POINT (PEP).
- Sets the policy and procedures.
- Is set up within the data flow pathway.
- Acts as a gatekeeper to allow or disallow specific types of traffic.
- Is comprised of multiple systems or devices.
What are some examples of SUBJECTS AND SYSTEMS that are managed by the PEP?
- End users, applications, and non-human entities.
How does the POLICY ENFORCEMENT POINT (PEP) determine which traffic is allowed or disallowed?
- All traffic is managed through a POLICY DECISION POINT which gathers all the information and determines what traffic is allowed on the system.
- Comprised of a POLICY ENGINE and a POLICY ADMINISTRATOR.
What is the purpose of the POLICY ENGINE?
- Gathers all requests and evaluates them against some predefined security policies.
- Determines if the access is granted, denied, or revoked.
What is the purpose of the POLICY ADMINISTRATOR?
- Receives the decision from the POLICY ENGINE.
- Generates a token or additional credentials, and will communicate to the PEP to allow or disallow access.