312-50V11 · Question #987
Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to access the network is not
The correct answer is D. Zero trust network. Zero Trust is a security architecture that eliminates implicit trust by requiring continuous verification of every access request and enforcing least-privilege access so users can only reach resources needed for their role.
Question
Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to access the network is not an authentic entity and verifies every incoming connection before allowing access to the network. Using this technique, he also imposed conditions such that employees can access only the resources required for their role. What is the technique employed by Eric to secure cloud resources?
Options
- AServerless computing
- BDemilitarized zone
- CContainer technology
- DZero trust network
How the community answered
(43 responses)- A2% (1)
- C5% (2)
- D93% (40)
Why each option
Zero Trust is a security architecture that eliminates implicit trust by requiring continuous verification of every access request and enforcing least-privilege access so users can only reach resources needed for their role.
Serverless computing is a cloud execution model where the provider abstracts server management so developers deploy functions without provisioning infrastructure; it is not a network access verification or trust model.
A Demilitarized Zone segments the network into an intermediate buffer between untrusted external and trusted internal zones using perimeter-based trust, which is the legacy model that Zero Trust was designed to replace.
Container technology packages applications with their dependencies into portable, isolated units to ensure consistent deployment; it is an infrastructure and runtime tool with no inherent access verification or trust policy enforcement.
Zero Trust operates on the core principle of 'never trust, always verify,' meaning every incoming connection is authenticated and authorized regardless of network location or prior session state. Combining this with role-based least-privilege access - restricting employees to only the resources their role requires - precisely matches the technique Eric implemented, as both continuous verification and least-privilege are foundational Zero Trust pillars defined in NIST SP 800-207.
Concept tested: Zero Trust network security model with least-privilege access
Source: https://www.nist.gov/publications/zero-trust-architecture
Topics
Community Discussion
No community discussion yet for this question.