Explanation:
Option C is not a key component of a zero-trust architecture. Zero-trust architectures are built on the principle of 'never trust, always verify,' eliminating the concept of trust within the network. This approach includes micro-segmentation to contain breaches, continuous authentication and authorization to dynamically adjust access based on risk, and least-privilege access controls to minimize the attack surface. Relying solely on traditional perimeter-based security measures contradicts the zero-trust principle by assuming trust once inside the network, making it the incorrect choice.
Ultimate access to all questions.
No comments yet.
Your organization is planning to enhance its security posture by implementing a zero-trust network access solution. As part of the planning phase, you are evaluating key components that align with zero-trust principles. The solution must adhere to strict compliance requirements, ensure scalability across global operations, and minimize operational costs without compromising security. Which of the following features is NOT a key component of a zero-trust architecture, and why? (Choose one option)
A
Micro-segmentation of the network to create isolated zones for different resources and applications, ensuring that even if an attacker gains access to one segment, the breach is contained.
B
Continuous authentication and authorization of users and devices based on their risk profile, dynamically adjusting access rights as the risk context changes.
C
Relying solely on traditional perimeter-based security measures, such as firewalls and VPNs, assuming that once inside the network, users and devices can be trusted.
D
Implementing least-privilege access controls to limit user access to only the resources and data they need, reducing the attack surface.