Quiz Entry - updated: 2026.07.05
What is the Zero Trust security model and what is its guiding principle?
"Never trust, always verify" — no request is trusted just because it comes from inside the network.
* The three Zero Trust principles — verify explicitly, least privilege, assume breach. *
Zero Trust is a security model based on the principle: "Never trust, always verify"
Key concepts:
- No implicit trust based on network location
- Every access request must be authenticated and authorized
- Applies to: Workforce/Devices, Network, Apps, Data, Workloads
- Works across any location (cloud, on-premise, hybrid)
This contrasts with traditional perimeter security where internal network traffic was trusted.
Go deeper:
NIST SP 800-207 — Zero Trust Architecture — moves defenses off the network perimeter onto users/assets/resources.
Zero trust architecture (Wikipedia) — accessible overview referencing NIST 800-207.