Quiz Entry - updated: 2026.07.14
What is Zero Trust architecture and how does it differ from perimeter-based security?
"Never trust, always verify" — unlike perimeter security, being inside the network grants no trust; every request is authenticated continuously.
* Perimeter trust-by-location versus Zero Trust verify-every-request, side by side. *
| Aspect | Perimeter Security | Zero Trust |
|---|---|---|
| Trust model | Inside network = trusted | Nothing trusted by default |
| Verification | At the border only | Every request, continuously |
| Lateral movement | Easy once inside | Blocked by microsegmentation |
| Remote work | VPN into trusted zone | Direct access with identity verification |
Three core principles:
- Verify explicitly — Authenticate based on identity, device, location, behavior
- Least privilege access — Just-in-time, just-enough access
- Assume breach — Design as if attackers are already inside
Key insight: Zero Trust is a security model and mindset, not a product you can buy.
Go deeper:
NIST SP 800-207 — Zero Trust Architecture — "no implicit trust by network location" and the ZTA tenets.
Wikipedia — Zero trust architecture — origins, definitions, and real-world adoption of the model.