Zero Trust Architecture - Vocabulary Flashcards

0.0(0)
studied byStudied by 0 people
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/19

flashcard set

Earn XP

Description and Tags

Vocabulary flashcards covering key terms from the zero trust architectures lesson.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

20 Terms

1
New cards

Zero Trust Architecture

A cybersecurity approach that assumes no user or device is trusted by default and requires continuous verification of every access request, regardless of origin.

2
New cards

Perimeter-based cybersecurity

Traditional security model that relies on a strong outer boundary (firewalls, IDS) to keep threats out.

3
New cards

Deperimeterization

Shifting focus from a fixed network perimeter to protecting data and resources wherever they reside.

4
New cards

Deep perimeterization

Security strategy for dispersed networks where assets are spread across cloud, mobile, and remote locations, requiring controls beyond a single boundary.

5
New cards

Control plane

The centralized framework that defines, manages, and enforces access policies across the organization.

6
New cards

Data plane

The layer that enforces policy decisions and controls data flow once access is granted.

7
New cards

Adaptive identity

Real-time, contextual verification of a user or device using factors like behavior, device, and location.

8
New cards

Threat scope reduction

Limiting user access to only what is needed to reduce the potential attack surface.

9
New cards

Policy-driven access control

Access decisions are driven by predefined policies tied to roles, responsibilities, and security rules.

10
New cards

Secured zones

Isolated, access-controlled segments within a network designed to protect sensitive data.

11
New cards

Subject system

An entity (user, device, or application) requesting access; must be authenticated and authorized.

12
New cards

Policy engine

The component that assesses access requests against defined policies to determine permissions.

13
New cards

Policy administrator

Entity responsible for creating and maintaining access policies in line with security objectives.

14
New cards

Policy enforcement point

The mechanism that enforces access decisions at the data plane, gating access to resources.

15
New cards

Trust but verify

A traditional saying; in Zero Trust, verification is extended to continuous, everywhere verification.

16
New cards

Continuous verification

Ongoing validation of identity and permission at every access attempt and data transaction.

17
New cards

Blast radius

The potential extent of damage from a breach; Zero Trust aims to minimize it.

18
New cards

Least privilege (Need-to-know)

Granting users only the minimum permissions necessary to perform their tasks.

19
New cards

Role-based access control (RBAC)

Access permissions assigned based on a user’s role within the organization.

20
New cards

Authentication vs Authorization

Authentication verifies identity; Authorization grants access according to policies.