📖 What is Zero Trust Architecture (ZTA)?
Zero Trust Architecture (ZTA) is a security framework based on the principle that no entity, whether inside or outside the network perimeter, should be trusted by default. It requires continuous verification of identity and authorization for every access request.
"The mantra here is 'Never Trust, Always Verify.' It effectively removes the traditional concept of a 'trusted internal network' or 'secure perimeter'."
📚 Certification: Certified Information Systems Security Professional (CISSP)
🔑 What are the Key Concepts of Zero Trust Architecture (ZTA)?
- ▸ Micro-segmentation divides the network into small, isolated zones to prevent lateral movement by attackers who have already breached the initial perimeter.
- ▸ Continuous verification requires that identity, device health, and context are validated for every single access request, regardless of the user's location.
- ▸ The Policy Decision Point (PDP) and Policy Enforcement Point (PEP) work together to evaluate and execute access requests against defined security policies.
- ▸ Least privilege is strictly enforced, ensuring users and devices only have the minimum access necessary to perform a specific task for a limited time.
- ▸ Identity-centric security shifts the focus from network location and IP addresses to the verified identity of the user and the integrity of the device.
🎯 How does Zero Trust Architecture (ZTA) appear on the CISSP Exam?
You may be asked to identify the most effective strategy for preventing lateral movement within a corporate network after a workstation has been compromised, where micro-segmentation and Zero Trust principles are the correct answers.
A scenario might describe a company moving from a 'castle-and-moat' security model to a remote-first workforce; you must determine how to maintain security without relying on a traditional VPN.
Expect questions about the components of ZTA, specifically asking you to distinguish between the Policy Decision Point (PDP) and the Policy Enforcement Point (PEP) during a request flow.
❓ Frequently Asked Questions
Does implementing Zero Trust mean I should remove all my internal firewalls?
No, firewalls are still used, but their role changes. Instead of one large perimeter firewall, ZTA utilizes distributed firewalls and micro-segmentation to create granular boundaries around individual workloads and data.
How does ZTA differ from traditional Multi-Factor Authentication (MFA)?
MFA is a tool used within ZTA to verify identity. ZTA is the broader framework that uses MFA, device health, and behavioral analytics to make continuous, context-aware access decisions.