Home › B.Tech Cyber Security › cybersecurity › Network Security › A ZERO-TRUST network architecture is based on th…
A ZERO-TRUST network architecture is based on the principle
Atrust everyone equally
Bnever trust, always verify (even inside)
Ctrust based on geography only
Dtrust devices by MAC address
Answer & Solution
Correct answer: B. never trust, always verify (even inside)
1. ZERO TRUST: discards the legacy 'castle and moat' model where inside = trusted, outside = untrusted.
2. NEW PRINCIPLE: every request (regardless of source) must be AUTHENTICATED, AUTHORISED, and ENCRYPTED.
3. KEY COMPONENTS:
• STRONG IDENTITY: MFA on every user; device posture checks.
• LEAST PRIVILEGE: scoped permissions per resource, ideally per request.
• MICROSEGMENTATION: small network segments — lateral movement is blocked.
• CONTINUOUS verification: not just at login but during the session.
4. ENABLERS: identity providers (Okta, Azure AD), zero-trust gateways (BeyondCorp, Cloudflare Access).
5. NIST SP 800-207 is the canonical Zero Trust Architecture document.
_Source: NIST SP 800-207 (Zero Trust Architecture)._
Related questions
A SIEM (Security Information and Event Management) system primarilyA WEB APPLICATION FIREWALL (WAF) sits at which layer of the network?ARP SPOOFING (or ARP poisoning) lets an attacker on a LANWPA3 isDDoS (Distributed Denial of Service) differs from DoS in thatDNSSEC adds which security property to DNS?A MAN-IN-THE-MIDDLE (MITM) attack happens whenA SYN FLOOD attack works by