A financial services company is modernizing its security posture for a hybrid environment of on-premises data centers and cloud applications. The new strategy dictates that all access to corporate resources must be continuously verified based on user identity and device health, regardless of the user's location. The principle of 'never trust, always verify' must be applied to every access request. Which security model should the security analyst recommend to implement this core principle?
A Zero Trust model is the correct answer because its fundamental principle is 'never trust, always verify,' requiring continuous verification for every access request regardless of its origin. The scenario's requirements-continuous verification and treating all networks as untrusted-are the defining characteristics of Zero Trust. Secure Access Service Edge (SASE) is a broader architectural framework that bundles security and networking services and incorporates Zero Trust principles, but Zero Trust is the specific security model described. Network segmentation is a technique used within a Zero Trust architecture, not the model itself. Hybrid cloud describes the infrastructure environment, not the security access model.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is 'Zero Trust' in network architecture?
Open an interactive chat with Bash
How does Zero Trust differ from traditional network security models?
Open an interactive chat with Bash
What technologies or practices are commonly used in a Zero Trust architecture?