312-50V12 · Question #51
312-50V12 Question #51: Real Exam Question with Answer & Explanation
The correct answer is B: Zero trust network. Zero trust network is a security model that assumes by default that a user attempting to access the network is not an authentic entity and verifies every incoming connection before allowing access to the network. This is in contrast to traditional security models, which assume th
Question
Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to access the network is not an authentic entity and verifies every incoming connection before allowing access to the network. Using this technique, he also imposed conditions such that employees can access only the resources required for their role. What is the technique employed by Eric to secure cloud resources?
Options
- ADemilitarized zone
- BZero trust network
- CServerless computing
- DContainer technology
Explanation
Zero trust network is a security model that assumes by default that a user attempting to access the network is not an authentic entity and verifies every incoming connection before allowing access to the network. This is in contrast to traditional security models, which assume that users inside the network are trusted and only need to be authenticated once. Zero trust network is implemented by using a variety of security controls, such as: - Micro-segmentation: This is the practice of dividing the network into small, isolated segments, each with its own security controls. This makes it more difficult for an attacker to move laterally within the network once they have gained access. - Multi-factor authentication: This requires users to provide multiple pieces of identification, such as a username, password, and security token, before being granted access to the network. - Continuous monitoring: This involves monitoring all network traffic for suspicious activity. - Least privilege: This principle states that users should only be granted the access they need to perform their job duties. In Eric's case, he is implementing a zero trust network by verifying every incoming connection before allowing access to the network. He is also imposing conditions such that employees can only access the resources required for their role. This is a good way to secure cloud resources and protect them from unauthorized access.
Topics
Community Discussion
No community discussion yet for this question.