LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is Zero Trust architecture and how does it differ from perimeter-based security?

"Never trust, always verify" — unlike perimeter security, being inside the network grants no trust; every request is authenticated continuously.

Perimeter (trust inside, verify at border, lateral movement easy) vs Zero Trust (trust nothing, verify every request, microsegment).

* Perimeter trust-by-location versus Zero Trust verify-every-request, side by side. *

Aspect Perimeter Security Zero Trust
Trust model Inside network = trusted Nothing trusted by default
Verification At the border only Every request, continuously
Lateral movement Easy once inside Blocked by microsegmentation
Remote work VPN into trusted zone Direct access with identity verification

Three core principles:

  1. Verify explicitly — Authenticate based on identity, device, location, behavior
  2. Least privilege access — Just-in-time, just-enough access
  3. Assume breach — Design as if attackers are already inside

Key insight: Zero Trust is a security model and mindset, not a product you can buy.

Go deeper:

From Quiz: SPRG / Secure Architecture & Design | Updated: Jul 14, 2026