Zero Trust Flashcards
What is Zero Trust?
Centers on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access.
Zero Trust : Centers on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead ——— trying to connect to their systems before granting access.
Centers on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access.
What is the premise of Zero Trust?
Trust is never granted implicitly but must be continually evaluated.
Zero trust architecture is an ——– approach to enterprise resource and data security that encompasses identity (person and non-person entities), credentials, access management, operations, endpoints, hosting environments, and the interconnecting infrastructure.
Zero trust architecture is an end-to-end approach to enterprise resource and data security that encompasses identity (person and non-person entities), credentials, access management, operations, endpoints, hosting environments, and the interconnecting infrastructure.
Why has unauthorized lateral movement within the environment been one of the biggest challenges for federal agencies?
Traditionally, agencies (and enterprise networks in general) have focused on perimeter defense: once authenticated, a subject is given authorized access to a broad collection of resources simply by being on the internal network.
Meaning: perimeter defense relies on security measures placed at the network boundary, such as firewalls and intrusion detection systems, to keep outside threats out. Once someone (an authenticated user or other subject) gets past that perimeter, for example by logging in or passing a security check, they are typically granted broad access to internal resources. This model treats the perimeter as the main line of defense and trusts everything inside it automatically, which is exactly what lateral movement exploits: one compromised host or account on the inside inherits that broad access and can reach other internal resources without being re-checked.
How is access to enterprise resources given to subjects?
Access is granted through the PDP and PEP.
What is PDP and PEP?
PDP(Policy Decision Point) / PEP(Policy Enforcement Point)
What does PDP/PEP do?
The PDP/PEP passes proper judgment to allow the subject to access the resource. This implies that zero trust applies to two basic areas: authentication (is the subject who it claims to be?) and authorization (is this subject permitted to access this particular resource?).
What does “implicit trust zone” mean?
The “implicit trust zone” represents an area where all the entities are trusted to at least the level of the last PDP/PEP gateway. For example, consider the passenger screening model in an airport. All passengers pass through the airport security checkpoint (PDP/PEP) to access the boarding gates. The passengers, airport employees, aircraft crew, etc., mill about in the terminal area, and all the individuals are considered trusted. In this model, the implicit trust zone is the boarding area. A zero trust architecture aims to keep implicit trust zones as small as possible, which means placing the PDP/PEP as close to the resource as practical rather than at a single outer checkpoint.
What does being agnostic mean?
denoting or relating to hardware or software that is compatible with many types of platforms or operating systems.
What are the two planes of the ZTA logical components?
Data Plane and Control Plane
What are the two logical components of the PDP?
Policy Engine and Policy Administrator
What is communicated on a data plane?
Application data is communicated on the data plane; the control plane carries the PDP's decisions and the configuration the Policy Administrator pushes to the PEP.
What is policy enforcement point?
Responsible for enabling, monitoring, and eventually terminating connections between a subject and an enterprise resource
What is policy engine?
Responsible for the ultimate decision to grant access to a resource for a given subject
What is policy administrator responsible for?
Responsible for establishing and/or shutting down the communication path between a subject and a resource
To summarize in my own words, what is the relationship between the PDP, PEP, Policy Engine, and Policy Administrator?
The Policy Enforcement Point is like a doorman: it executes the decisions made by the PDP. The Policy Decision Point comprises the Policy Engine and the Policy Administrator.
The Policy Engine is the one that uses algorithms and enterprise policy to make the ultimate decision to grant or deny access to a resource.
The Policy Administrator is closely tied to the Engine and relies on the Engine's decision to ultimately allow or deny a session; it does not decide on its own.
Finally, when the request is authenticated and the session is authorized, the PA configures the PEP to allow the session to start, and later configures it to shut the session down.
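The following Python sketch is an added example, not code from NIST SP 800-207 or from the original flashcards, and it exists only to make the PE / PA / PEP split and the "continually evaluated" premise concrete. The subjects, resources and the role-based policy table are constructed; a real Policy Engine would consult identity, device-posture and threat-intelligence sources rather than a dictionary. It shows three things the cards describe: the Policy Engine decides, the Policy Administrator executes that decision by configuring the PEP, and a subject already on the internal network gets no implicit trust. It also goes one step further than the cards and re-evaluates a live session when the device falls out of compliance.

```python
"""Toy zero trust PDP/PEP: the Policy Engine decides, the Policy
Administrator executes, the Policy Enforcement Point gates the session.
Added illustration only; every subject, resource and rule is made up."""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Subject:
    """Attributes the PDP sees for a request (constructed example fields)."""
    user: str
    role: str
    mfa: bool
    device_compliant: bool
    network: str  # "internal" or "external"; the policy deliberately ignores this


class PolicyEngine:
    """Policy Engine: makes the ultimate grant/deny decision for a subject and resource."""

    def __init__(self, policy):
        # resource -> set of roles allowed to reach it (constructed enterprise policy)
        self.policy = policy

    def decide(self, subject: Subject, resource: str) -> bool:
        # Evaluated on every request: location on the network grants nothing;
        # identity, MFA and device posture all have to check out.
        allowed_roles = self.policy.get(resource, set())
        return subject.role in allowed_roles and subject.mfa and subject.device_compliant


class PolicyEnforcementPoint:
    """Data-plane gate in front of the resource. Only the PA configures it."""

    def __init__(self):
        self.open_sessions = set()

    def configure(self, session_id: str, allow: bool) -> None:
        if allow:
            self.open_sessions.add(session_id)
        else:
            self.open_sessions.discard(session_id)

    def forward(self, session_id: str, payload: str) -> str:
        # Application data only flows through sessions the PA has opened.
        if session_id not in self.open_sessions:
            raise PermissionError(f"session {session_id} is not authorized")
        return f"{payload} delivered"


class PolicyAdministrator:
    """Control plane: executes the PE's decision by (re)configuring the PEP."""

    def __init__(self, engine: PolicyEngine, pep: PolicyEnforcementPoint):
        self.engine = engine
        self.pep = pep
        self.sessions = {}  # session_id -> (subject, resource)

    def request_session(self, subject: Subject, resource: str):
        session_id = f"{subject.user}->{resource}"
        allow = self.engine.decide(subject, resource)   # PE decides
        self.pep.configure(session_id, allow)            # PA executes
        if allow:
            self.sessions[session_id] = (subject, resource)
        return session_id if allow else None

    def reevaluate(self, session_id: str, updated: Subject) -> bool:
        """Trust is continually evaluated: a posture change can close a live session."""
        _, resource = self.sessions[session_id]
        allow = self.engine.decide(updated, resource)
        self.pep.configure(session_id, allow)
        if not allow:
            del self.sessions[session_id]
        return allow


def run_scenario() -> dict:
    """Constructed walk-through; returns the observable outcomes."""
    pe = PolicyEngine({"hr-db": {"hr"}, "wiki": {"hr", "eng"}})
    pep = PolicyEnforcementPoint()
    pa = PolicyAdministrator(pe, pep)

    alice = Subject("alice", "hr", mfa=True, device_compliant=True, network="external")
    bob = Subject("bob", "eng", mfa=True, device_compliant=True, network="internal")

    results = {}
    # Remote HR user with MFA and a healthy device reaches the HR database.
    sid = pa.request_session(alice, "hr-db")
    results["alice_hr_db"] = pep.forward(sid, "SELECT ...")
    # Engineer already on the internal network: no implicit trust, still denied.
    results["bob_hr_db"] = pa.request_session(bob, "hr-db")
    results["bob_wiki"] = pa.request_session(bob, "wiki") is not None
    # Alice's device falls out of compliance mid-session; PE re-decides, PA closes the path.
    alice_bad = replace(alice, device_compliant=False)
    results["alice_after_posture_change"] = pa.reevaluate(sid, alice_bad)
    try:
        pep.forward(sid, "SELECT ...")
        results["alice_forward_after_revoke"] = "delivered"
    except PermissionError:
        results["alice_forward_after_revoke"] = "blocked"
    return results


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(f"{name}: {outcome}")
```

Note that `network` is carried on the subject but never read by `PolicyEngine.decide`: that is the point of the card on lateral movement. The PEP also has no decision logic of its own; if it were allowed to "remember" a subject from a previous session, the implicit trust zone would silently grow back.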