Which concept requires continuous verification of identity and device health for access control?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the WGU ITAS 2142 D830 Introduction to Cryptography Exam. Review flashcards and multiple choice questions with hints and explanations. Get ready for your exam!

Multiple Choice

Which concept requires continuous verification of identity and device health for access control?

Explanation:
Zero Trust is the approach where access decisions are made through continuous verification of who you are and the health of your device, regardless of where you’re connecting from. It requires ongoing authentication and authorization for every access request, plus checks on the device’s posture—things like whether the device is up to date, has the right security controls, and is free of risk signals. Access policies are dynamic and context-aware, adapting as risk changes, and security controls are often applied at a granular level to prevent lateral movement within the network. This combination of perpetual identity verification and device health assessment is why Zero Trust best fits the described concept. The other options don’t match this continuous verification focus as closely. Least privilege centers on giving the minimal permissions needed, but it doesn’t inherently mandate ongoing identity and device health checks for each access. Defense in depth emphasizes multiple security layers, yet it’s about redundancy and coverage rather than the continuous verification model itself. Data in transit encryption protects data as it moves, but it does not govern who gets access or assess device health for access decisions.

Zero Trust is the approach where access decisions are made through continuous verification of who you are and the health of your device, regardless of where you’re connecting from. It requires ongoing authentication and authorization for every access request, plus checks on the device’s posture—things like whether the device is up to date, has the right security controls, and is free of risk signals. Access policies are dynamic and context-aware, adapting as risk changes, and security controls are often applied at a granular level to prevent lateral movement within the network. This combination of perpetual identity verification and device health assessment is why Zero Trust best fits the described concept.

The other options don’t match this continuous verification focus as closely. Least privilege centers on giving the minimal permissions needed, but it doesn’t inherently mandate ongoing identity and device health checks for each access. Defense in depth emphasizes multiple security layers, yet it’s about redundancy and coverage rather than the continuous verification model itself. Data in transit encryption protects data as it moves, but it does not govern who gets access or assess device health for access decisions.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy