LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What are the three core principles of Zero Trust?

Verify Explicitly (authenticate every request on all signals), Least Privilege (just-in-time, just-enough access), and Assume Breach (design as if attackers are already inside).

1. Verify Explicitly:

  • Authenticate using all available signals: identity, device health, location, time, data sensitivity
  • Never grant access based on network location alone

2. Least Privilege Access:

  • Just-in-time — temporary access that expires
  • Just-enough — only what's needed for the task
  • Risk-based adaptive — more sensitive data = more verification required

3. Assume Breach:

  • Microsegmentation limits lateral movement
  • End-to-end encryption even for internal traffic
  • Continuous monitoring and analytics
  • Minimize blast radius of any single compromise

Tip: Think of Zero Trust as applying the airport security model to your network — everyone gets checked, every time, no exceptions.

Go deeper:

From Quiz: SPRG / Secure Architecture & Design | Updated: Jul 05, 2026