Security + CompTIA Flashcards
What is a major vulnerability of traditional networks once past the firewall?
They allow free movement between systems with minimal security checks, enabling unauthorized access and malware spread.
What is the core principle of zero trust architecture?
“Never trust, always verify”—requiring continuous authentication for every access attempt.
What are some key components of zero trust security?
Multi-factor authentication, data encryption, system permissions, firewalls, and layered security policies.
How can zero trust be implemented in network architecture?
By decomposing security devices into functional components or planes of operation.
What are the two primary planes in network architecture?
Data Plane (handles traffic) and Control Plane (manages configurations and policies).
What does adaptive identity authentication evaluate?
Origin of request, location, user role, network type, and IP address.
How can network access points be restricted to reduce risk?
By limiting access to users inside the building or via VPNs.
What are security zones used for?
To categorize network segments and enforce granular access control.
What is the role of a Policy Enforcement Point (PEP)?
To evaluate traffic and collect data for access decisions.
What does the Policy Decision Point (PDP) do?
It analyzes authentication requests and decides on access approval, denial, or revocation.
How does zero trust architecture complete secure communication?
By passing data through PEPs and PDPs, which enforce access based on policy decisions.
Why is the traditional firewall-based trust model inadequate?
It exposes networks to internal threats and lateral movement.
How does zero trust improve network security?
By requiring continuous verification and eliminating implicit trust.
Why is separating data and control planes important?
It allows scalable and dynamic security enforcement.
What makes adaptive identity more secure than traditional methods?
It uses multiple real-world factors to assess authentication risk.
How do security zones enhance access control?
They define boundaries and trust levels for precise access management.
What ensures consistent enforcement of zero trust policies?
The integration of PEPs, PDPs, and Policy Administrators.
What are essential components of zero trust security?
Multi-factor authentication and encryption of data at rest and in transit.
What are examples of control plane management?
Configuring routing tables, firewall rules, and NAT parameters.
How do physical switches demonstrate data/control plane separation?
Interfaces handle data flow; configuration tasks occur in the control plane.
What factors does adaptive identity consider?
Geographic location, IP address, and user role (e.g., contractor vs. employee).
How does limiting entry points enhance security?
It reduces exposure and makes unauthorized access more difficult.
How can security zones be subdivided?
By department or role for fine-grained access control.
What is an example of implicit trust in zones?
Trusted office zone communicating with internal data center zone.
What does the PEP rely on for access decisions?
The Policy Decision Point (PDP).
What decisions can the PDP return?
Allow, deny, or revoke access.
What completes the zero trust authorization cycle?
Policy Administrator manages credentials/tokens enforced by the PEP.