Ultimate access to all questions.
As a Cybersecurity Architect in a multinational organization, you are tasked with ensuring that the Conditional Access policies align with the Zero Trust strategy. The organization operates in multiple jurisdictions with varying compliance requirements. You need to validate that the policies not only enforce strict access controls but also comply with regional data protection laws. Additionally, the solution must be scalable to accommodate future growth without significant cost increases. Which of the following steps is the MOST comprehensive to validate the alignment of Conditional Access policies with a Zero Trust strategy under these constraints? (Choose one)
A
Review and adjust the Conditional Access policies to ensure they are solely based on the user's device compliance status and network location, ignoring other factors to simplify management.
B
Enable Conditional Access policies for all users and resources globally without customization, assuming a one-size-fits-all approach will ensure compliance and scalability.
C
Validate that the Conditional Access policies are dynamically applied based on a comprehensive risk assessment, including user identity, device status, location, resource sensitivity, and are in compliance with regional data protection laws.
D
Implement Conditional Access policies that are based exclusively on user roles and attributes, disregarding device and location factors to reduce complexity.