ISC2 CISSP Practice Question

The correct answer is Zero Trust Architecture. Zero Trust Architecture is built on the principle of "never trust, always verify" and treats all users, devices, and network traffic as potentially hostile, regardless of whether they are inside or outside the traditional network perimeter. Unlike traditional security models that focus on defending the perimeter, Zero Trust continuously verifies identity, authenticates and authorizes every access request, enforces least privilege, and monitors for suspicious activities throughout the entire session.

Network Segmentation is a good security practice but focuses on dividing the network into segments rather than continuously verifying all access. Defense in Depth uses multiple layers of security but doesn't necessarily verify each access request continually. Role-Based Access Control is an important component of identity management but doesn't encompass the full scope of the continuous verification and device validation that Zero Trust provides across all resources regardless of network location.