1.8: Zero Trust


11 Terms

1

Zero Trust

Security principle that demands verification for every device, user, and transaction within the network, regardless of its origin

This architecture requires two different planes: the Control Plane and the Data Plane

Multi-factor authentication, encryption, system permissions, additional firewalls, monitoring and analytics, etc

2

Control Plane

Zero Trust plane that refers to the overarching framework and set of components responsible for defining, managing, and enforcing policies related to user/system access within organizations

Determines how packets should be forwarded: routing tables, session tables, NAT tables

Adaptive Identity, Threat Scope Reduction, Policy-Driven Access Control, Secured Zones

3

Adaptive Identity

Zero Trust Control Plane element that relies on real-time validation that takes into account the user's behavior, device, location, and more

4

Threat Scope Reduction

Zero Trust Control Plane element that limits users' access to only what they need for work tasks, to reduce the network's potential attack surface

Focused on minimizing the blast radius that could occur in the event of a breach

5

Policy-Driven Access Control

Zero Trust Control Plane element that entails developing, managing, and enforcing user access policies based on their roles and responsibilities

6

Secured Zones

Zero Trust Data Plane element that represents isolated environments within a network that are designed to house sensitive data

Can control traffic based on the zones it is traveling to and from

Some zones are implicitly trusted

7

Data Plane

Zero Trust plane that ensures the policies are properly executed

Processes the frames, packets, and network data: processing, forwarding, trunking, encrypting, NAT

Subject/System, Policy Engine, Policy Administrators, Policy Enforcement Point

8

Subject/System

Zero Trust Data Plane element that refers to the individual or entity attempting to gain access

9

Policy Engine

Zero Trust Control Plane element that cross-references the access request with its predefined policies

Paired with the Policy Administrator to represent the Policy Decision Point

10

Policy Administrator

Zero Trust Control Plane element that represents the privileged user that establishes and manages the access policies

Paired with the Policy Engine to represent the Policy Decision Point

11

Policy Enforcement Point

Zero Trust Data Plane element that represents the location where the decision to allow/deny access is actually executed