ADVERTISEMENT
ADVERTISEMENT

Home » Cyber Security

Zero Trust Security Model (with MCQs)

In this tutorial, we are going to learn about the Zero Trust Security Model in Cyber Security with MCQs to test your skills.
Submitted by Vanka Manikanth, on April 12, 2020

The original Zero Trust model was developed by Forrester in 2010, but not fully incorporated until Google successfully developed and implemented their version of Zero Trust, Beyond Corp, almost six years later. Let's understand what exactly the Zero Trust model is and what it means to implement one?

In this security landscape who and what you trust is key to your security, privacy, and anonymity.

The less you trust the lower your risk. If you want to minimize the risk do not trust even yourself unless you make sure what you are doing with multiple checks this is what the Zero Trust Model.

To protect your asset we have to make choices about trust. We have to select the Operating system. Software, encryption process, storage management, Internet service provider, password manager, etc. Evaluate instead of having trust, because there is no such 100 percent security and 0 percent risk. Everything represents some level of risk some acceptable while some not. We can mitigate the risk by distributing trust.

In simple words, Zero Trust is a security model centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. Micro-segmentation has to be followed- giving minimal access to specific modules. It is effective for mobile and cloud apps

Before Zero Trust we have Castle and Moat Security where Access will be given to full modules for authenticated users

Let us understand deep about it.

Suppose you wanted to store files or sync all your data into cloud storage like dropbox, syncing service. You should not trust that it will not get hacked; you should not trust your data will not be modified. So you have to take a risk choice or assessment basing upon the Zero Trust Model. Ask yourself how important the data is for you? If it is more important then have a backup at a separate location and encrypt the files with the key which you alone have. This way you are distributing the trust to alternatives to add up layers of security to your confidential information.

Multiple choices questions & answers

1) Can we trust Internet?
  1. Yes why not
  2. No, it has some risks we must be aware of our actions
  3. Not sure

2) Zero trust model says
  1. Keep a trust on your own actions
  2. Keep trust on your own tools
  3. Have no trust on anything, just evaluate and confirm

3) Its good to provide all the admin control access to every employee so that they will not waste time on specific requests
  1. True
  2. False
  3. Not sure

4) Before catastrophic breaches its good practice to have Zero Trust Model
  1. Yes
  2. Not required
  3. I dont think so

5) Zero Trust Security Model/Architecture should be built on trusting users,networks and sensitive access resources.
  1. Yes
  2. No
  3. Its not required to have Zero Trust Model

6) Micro Segmentation is a
  1. Approach to provide minimal access
  2. No minimal access
  3. Not Sure

7) Micro segmentation is not an effective way for Mobile Apps
  1. True
  2. False
  3. Not sure

8) Before Zero Trust we have
  1. Castle and Moat Security
  2. Castle and Mobile Security
  3. Not sure

9) Which Security Model gives Access to full modules for authenticated users
  1. Zero Trust
  2. Castle and Moat Security
  3. Not sure

10) Zero Trust model was developed by _____________ in 2010.
  1. Yes
  2. Forrester
  3. Not sure

ADVERTISEMENT




ADVERTISEMENT


Comments and Discussions!

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT

Languages: » C » C++ » C++ STL » Java » Data Structure » C#.Net » Android » Kotlin » SQL
Web Technologies: » PHP » Python » JavaScript » CSS » Ajax » Node.js » Web programming/HTML
Solved programs: » C » C++ » DS » Java » C#
Aptitude que. & ans.: » C » C++ » Java » DBMS
Interview que. & ans.: » C » Embedded C » Java » SEO » HR
CS Subjects: » CS Basics » O.S. » Networks » DBMS » Embedded Systems » Cloud Computing
» Machine learning » CS Organizations » Linux » DOS
More: » Articles » Puzzles » News/Updates

© https://www.includehelp.com some rights reserved.