350-401 · Question #1354
Which architectural component enables a zero-trust security model?
The correct answer is D. data plane. Zero-Trust Security Model Explanation Data plane (D) is correct because it is the architectural layer responsible for actually forwarding, inspecting, and enforcing security policies on traffic in real time. In a zero-trust model, every packet or session must be continuously veri
Question
Which architectural component enables a zero-trust security model?
Options
- Aplug-and-play
- Bcontrol plane
- Cmanagement plane
- Ddata plane
How the community answered
(54 responses)- A2% (1)
- B4% (2)
- C6% (3)
- D89% (48)
Explanation
Zero-Trust Security Model Explanation
Data plane (D) is correct because it is the architectural layer responsible for actually forwarding, inspecting, and enforcing security policies on traffic in real time. In a zero-trust model, every packet or session must be continuously verified and authenticated regardless of source - this enforcement happens at the data plane level, where micro-segmentation and granular access controls are applied to each data flow.
Why the others are wrong:
- Control plane (B) manages routing decisions and network topology, but doesn't directly enforce zero-trust policies on traffic flows
- Management plane (C) handles device configuration and administration, operating at a higher abstraction level away from actual traffic enforcement
- Plug-and-play (A) is a convenience feature for device auto-configuration and has no relationship to security architecture models
Memory Tip: Think "Data plane = Deny by default" - zero-trust means never trust, always verify, and that verification happens where the data actually flows. If traffic touches it, the data plane checks it!
Topics
Community Discussion
No community discussion yet for this question.