Medium1 markMultiple Choice

Area II: SecuritySecurity MitigationArea II

CPA · Question 66 · Area II: Security

Which of the following is a key principle of 'Zero Trust' architecture?

Answer options:

A.

Trust but verify.

B.

Never trust, always verify.

C.

Trust internal network, verify external.

D.

Verify once, trust for the session.

How to approach this question

Identify the strictest security stance.

Full Answer

B.Never trust, always verify.✓ Correct

Zero Trust requires strict identity verification for every person and device trying to access resources on a private network.

Common mistakes

Confusing with 'Trust but verify'.

Question 65 All questions Question 67

Practice the full CPA ISC Practice Exam 2

82 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01A service organization provides a cloud-based payroll platform where clients access the software ...Medium Q02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...Hard Q03During a walkthrough of the change management process, an auditor observes that developers have w...Medium Q04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...Hard Q05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium

View all 82 questions →