Fundamentals of Security (Section 2) Flashcards
Zero Trust
Zero Trust demands verification for every device, user, and transaction within the network, regardless of its origin.
Zero trust architecture works on the basis of two different planes
Control Plane and Data Plane
What is Control Plane?
Zero Trust
Refers to the overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization.
What is Data Plane?
Zero Trust
Ensures the policies are properly executed
Data Plane consists of the following.
Zero Trust
Subject / System
Control Plane Key elements
Zero Trust
Adaptive Identity
What is Gap Alnalysis
Process of evaluating the differences between an organization’s current performance and its desired performance.
Gap Analysis Tool
Valuable tool for organizations looking to improve their operations, processes, performance, or overall security posture.
Type of Gap Analysis
Technical and Business Gap Analysis
Plan of Action and Milestones (POA&M)
Outlines the specific measures to address each vulnerability
Allocate resources
setup timelines for each remediation task that is needed