Zero Trust

Question 1

Zero Trust

Answer 1

Zero trust → security model that assumes no implicit trust and requires continuous verification for every access request.

Question 2

MFA

Answer 2

Multifactor authentication (MFA) → authentication method requiring two or more verification factors.

Question 3

Planes of Operation

Answer 3

Planes of operation → logical layers in zero trust architecture that separate data processing and control decisions.

Question 4

Data Plane

Answer 4

Data plane → handles the actual transmission of data between systems.

Question 5

Control Plane

Answer 5

Control plane → manages access decisions, policies, and traffic control.

Question 6

Adaptive Identity

Answer 6

Adaptive identity → dynamic authentication based on user behavior, context, and risk.

Question 7

Threat Scope Reduction

Answer 7

Threat scope reduction → shrinks the potential attack surface by limiting access, isolating elements, and enforcing strict controls. Often a key part of Zero Trust architecture

Question 8

Policy-Driven Access Control

Answer 8

Policy-driven access control → enforces access decisions based on predefined security policies.

Question 9

Security Zones

Answer 9

Security zones → segmented network areas that isolate resources based on trust levels.

Examples: Public (internet), Internal (LAN), DMZ (Web Servers), etc. they all have their own rules and permissions based on needed security

Question 10

PEP

Answer 10

Policy enforcement point (PEP) → component that enforces access decisions.

The bouncer at a party

Question 11

PDP

Answer 11

Policy decision point (PDP) → component that evaluates access requests against policies. Tells the PEP whether to allow or deny access.

The guest list at a party

Question 12

Policy Engine and Policy Administrator

Answer 12

Policy engine and policy administrator → systems that evaluate policies and manage enforcement actions.