A security manager wants to implement an approach that minimizes implicit trust and ensures every access request is fully authenticated, authorized, and encrypted before granting access to resources. Which of the following security models BEST meets these requirements?
Zero Trust Architecture is designed to eliminate implicit trust and enforce strict verification for every user and device attempting to access network resources. It requires full authentication, authorization, and encryption for each access request, effectively meeting the manager's requirements. The Principle of Least Privilege limits access rights but doesn't address continuous authentication or the elimination of implicit trust for each request. Defense in Depth employs multiple layers of security but does not specifically focus on the trust model for access requests. Security through Obscurity is not a valid or effective security strategy, as it relies on secrecy rather than robust security measures.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the key principles of Zero Trust Architecture?
Open an interactive chat with Bash
How does Zero Trust Architecture differ from traditional security models?
Open an interactive chat with Bash
What role does encryption play in Zero Trust Architecture?