Security +701 Zero-Trust

11 Terms

1

Zero Trust

an approach where nothing is trusted, and everything is subject to some kind of security check.

  • Covers every device, every process, and every user

2

Data Plane

this type of plane of operation forwards data through the network

  • it follows rules and sends the data where it’s supposed to go

3

Control Plane

this type of plane of operation decides how and where to send the data

  • It’s where you set up policies, rules, and routing decisions

4

Adaptive Identity

when you examine the identity of the user and apply security controls based on the information gathered about the user

  • Ex: If a user is trying to connect to an American server, but their IP address is in China, you can choose to block the access

5

Threat Scope Reduction

when you decrease the number of possible entry points into a network

  • This will limit how many places can be used to get into the network

  • Ex: Limit entry points to people only inside the building

6

Policy Driven Access Control

When access to a system, data, or resource is controlled by predefined rules that evaluate different factors before allowing or denying access

  • This encompasses threat scope reduction, adaptive identity, and security controls

7

Security Zones

Groupings in a network that define levels of trust for different areas of connections. Each zone is categorized based on how trusted it is (Ex: trusted, untrusted, internal, external). Security policies can then control what traffic is allowed between zones.

  • Ex: Untrusted zone = public internet | Trusted zone = corporate office | Internal zone = company’s data center

  • Policies might allow trusted zones to access internal zones but block untrusted zones from connecting directly.

8

Policy Enforcement Point

A system or device that monitors all network traffic and enforces access control decisions

9

Policy Decision Point

A tool or method that gets information from the Policy Enforcement Point about the user, and sends information back on whether or not to allow access

10

Policy Engine

This tool is a part of the Policy Decision Point. It gets information from the Policy Enforcement Point about the user and forms a decision using the policies of the policy driven access controls

11

Policy Administrator

This tool is a part of the Policy Decision Point, and it sends a decision to the Policy Enforcement Point on whether or not to allow access