ExpertMedium1 markMultiple Choice
CPA · Question 42 · Area II: Security
A company implements a 'Zero Trust' architecture. Which of the following principles is central to this model?
A company implements a 'Zero Trust' architecture. Which of the following principles is central to this model?
Answer options:
A.
Trust everyone inside the firewall; verify everyone outside.
B.
Trust but verify.
C.
Never trust, always verify, regardless of location.
D.
Trust devices managed by the IT department.
How to approach this question
Zero Trust = No implicit trust. Inside/Outside doesn't matter.
Full Answer
C.Never trust, always verify, regardless of location.✓ Correct
C
Zero Trust architecture eliminates the concept of a trusted internal network. It requires continuous verification of the user, device, and context for every request, regardless of where it originates.
Common mistakes
Confusing 'Trust but verify' with Zero Trust.
Practice the full CPA ISC Practice Exam
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is performing a risk assessment for a client that uses a public cloud provider for its core...HardQ02During a walkthrough of a client's change management process, the auditor notes that developers h...HardQ03A service organization provides a real-time transaction processing platform. The service level ag...HardQ04An auditor is reviewing a SQL query used by the finance team to generate a report of all sales tr...HardQ05A healthcare clearinghouse is preparing for a SOC 2® engagement. They utilize a private cloud dep...Hard