Zero Trust

Question 1

Zero Trust

Answer 1

Zero Trust → A security model that assumes no user or device should be trusted by default, requiring continuous verification and strict access control for every connection or request.

Question 2

Policy-Based Authentication

Answer 2

Policy-Based Authentication → Access decisions are made dynamically based on predefined policies such as user identity, device type, location, and time of request.

Question 3

Adaptive Identity

Answer 3

Adaptive Identity → Continuously evaluates user behavior and context to adjust authentication requirements, such as adding multifactor authentication if activity seems unusual.

Question 4

Policy-Driven Access Control

Answer 4

Policy-Driven Access Control → Restricts access to network resources using centralized policies that define who can access what, when, and under what conditions.

Question 5

Authentication

Answer 5

Authentication → The process of verifying a user’s or device’s identity before granting network access, often through passwords, certificates, or multifactor methods.

Question 6

Authorization

Answer 6

Authorization → Determines what resources an authenticated user or device is allowed to access based on their assigned privileges or roles.

Question 7

Accounting

Answer 7

Accounting → Tracks and records user activity and resource usage on the network for auditing, monitoring, and compliance purposes.

Question 8

Least Privilege Access

Answer 8

Least Privilege Access → A security principle that grants users the minimum level of access required to perform their tasks, reducing the risk of misuse or breaches.

Question 9

SASE

Answer 9

Secure Access Service Edge → A next-generation VPN model combining network security functions like Zero Trust, firewall, and secure web gateway into a single cloud-based service.