350-701 · Question #485
What is the recommendation in a zero-trust model before granting access to corporate applications and resources?
The correct answer is A. to use multifactor authentication. In a zero-trust model, multifactor authentication (MFA) is a critical recommendation to verify user identity before granting access to corporate resources.
Question
What is the recommendation in a zero-trust model before granting access to corporate applications and resources?
Options
- Ato use multifactor authentication
- Bto use strong passwords
- Cto use a wired network, not wireless
- Dto disconnect from the network when inactive
How the community answered
(34 responses)- A91% (31)
- B3% (1)
- D6% (2)
Why each option
In a zero-trust model, multifactor authentication (MFA) is a critical recommendation to verify user identity before granting access to corporate resources.
A core principle of zero trust is "never trust, always verify." Multifactor authentication strongly verifies user identity before access to corporate applications and resources is granted, even if the user is already on the network, aligning with the "assume breach" mentality.
While using strong passwords is good security practice, MFA goes beyond passwords to provide a much stronger verification of identity, which is essential for a zero-trust model.
The choice between wired and wireless networks is less critical in a zero-trust model, as access is granted based on identity and device posture, not network type.
Disconnecting from the network when inactive is a general security measure but does not directly address the zero-trust principle of continuous verification *before* granting access.
Concept tested: Zero Trust model principles, MFA
Source: https://learn.microsoft.com/en-us/security/zero-trust/zero-trust-overview
Topics
Community Discussion
No community discussion yet for this question.