nerdexam
EC-Council

312-50V11 · Question #987

Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to access the network is not

The correct answer is D. Zero trust network. Zero Trust is a security architecture that eliminates implicit trust by requiring continuous verification of every access request and enforcing least-privilege access so users can only reach resources needed for their role.

Cloud Computing

Question

Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to access the network is not an authentic entity and verifies every incoming connection before allowing access to the network. Using this technique, he also imposed conditions such that employees can access only the resources required for their role. What is the technique employed by Eric to secure cloud resources?

Options

  • AServerless computing
  • BDemilitarized zone
  • CContainer technology
  • DZero trust network

How the community answered

(43 responses)
  • A
    2% (1)
  • C
    5% (2)
  • D
    93% (40)

Why each option

Zero Trust is a security architecture that eliminates implicit trust by requiring continuous verification of every access request and enforcing least-privilege access so users can only reach resources needed for their role.

AServerless computing

Serverless computing is a cloud execution model where the provider abstracts server management so developers deploy functions without provisioning infrastructure; it is not a network access verification or trust model.

BDemilitarized zone

A Demilitarized Zone segments the network into an intermediate buffer between untrusted external and trusted internal zones using perimeter-based trust, which is the legacy model that Zero Trust was designed to replace.

CContainer technology

Container technology packages applications with their dependencies into portable, isolated units to ensure consistent deployment; it is an infrastructure and runtime tool with no inherent access verification or trust policy enforcement.

DZero trust networkCorrect

Zero Trust operates on the core principle of 'never trust, always verify,' meaning every incoming connection is authenticated and authorized regardless of network location or prior session state. Combining this with role-based least-privilege access - restricting employees to only the resources their role requires - precisely matches the technique Eric implemented, as both continuous verification and least-privilege are foundational Zero Trust pillars defined in NIST SP 800-207.

Concept tested: Zero Trust network security model with least-privilege access

Source: https://www.nist.gov/publications/zero-trust-architecture

Topics

#zero trust network#cloud security#least privilege#access control

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice