ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_ZTA-7.2
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

exhibit. User student is not able to log in to SSL VPN Given the output showing a real-time debug: which statement describes the login failure?
With the increase in loT devices, which two challenges do enterprises face? (Choose two.)
Which statement is true about FortiClient EMS in a ZTNA deployment?
Exhibit. Which port group membership should you enable on FortiNAC to isolate rogue hosts'?
Which three methods can you use to trigger layer 2 polling on FortiNAC? (Choose three)
Exhibit. Which two statements are true about the hr endpoint? (Choose two.)
Exhibit. Which statement is true about the hr endpoint?
Exhibit. An administrator has to provide on-fabric clients with access to FortiAnalyzer using ZTNA tags Which two conditions must be met to achieve this task? (Choose two.)
Which statement is true regarding a FortiClient quarantine using FortiAnalyzer playbooks?
What are two functions of NGFW in a ZTA deployment? (Choose two.)

Question 15 - NSE7_ZTA-7.2 discussion

Report
Export

What are the three core principles of ZTA? (Choose three.)

A.
Verity
Answers
A.
Verity
B.
Be compliant
Answers
B.
Be compliant
C.
Certify
Answers
C.
Certify
D.
Minimal access
Answers
D.
Minimal access
E.
Assume breach
Answers
E.
Assume breach
Suggested answer: A, D, E

Explanation:

Zero Trust Architecture (ZTA) is a security model that follows the philosophy of ''never trust, always verify'' and does not assume any implicit trust for any entity within or outside the network perimeter. ZTA is based on a set of core principles that guide its implementation and operation. According to the NIST SP 800-207, the three core principles of ZTA are:

A) Verify and authenticate. This principle emphasizes the importance of strong identification and authentication for all types of principals, including users, devices, and machines. ZTA requires continuous verification of identities and authentication status throughout a session, ideally on each request. It does not rely solely on traditional network location or controls. This includes implementing modern strong multi-factor authentication (MFA) and evaluating additional environmental and contextual signals during authentication processes.

D) Least privilege access. This principle involves granting principals the minimum level of access required to perform their tasks. By adopting the principle of least privilege access, organizations can enforce granular access controls, so that principals have access only to the resources necessary to fulfill their roles and responsibilities. This includes implementing just-in-time access provisioning, role-based access controls (RBAC), and regular access reviews to minimize the surface area and the risk of unauthorized access.

E) Assume breach. This principle assumes that the network is always compromised and that attackers can exploit any vulnerability or weakness. Therefore, ZTA adopts a proactive and defensive posture that aims to prevent, detect, and respond to threats in real-time. This includes implementing micro-segmentation, end-to-end encryption, and continuous monitoring and analytics to restrict unnecessary pathways, protect sensitive data, and identify anomalies and potential security events.

1: Understanding Zero Trust principles - AWS Prescriptive Guidance

2: Zero Trust Architecture - NIST

Show Answer
asked 18/09/2024
SANGEETH N
39 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms