CCZT

Of the following, which option is a prerequisite action to understand the organization's protect surface clearly?A . Data and asset classificationB . Threat intelligence capability and monitoringC . Gap analysis of the organization's threat landscapeD . To have the latest risk register for controls implementationView AnswerAnswer: A Explanation: Data and...

Which component in a ZTA is responsible for deciding whether to grant access to a resource?A . The policy enforcement point (PEP)B . The policy administrator (PA)C . The policy engine (PE)D . The policy componentView AnswerAnswer: C Explanation: The policy engine (PE) is the component in a ZTA that...

ZTA reduces management overhead by applying a consistent access model throughout the environment for all assets. What can be said about ZTA models in terms of access decisions?A . The traffic of the access workflow must contain all the parameters for the policy decision points.B . The traffic of the...

To ensure a successful ZT effort, it is important toA . engage finance regularly so they understand the effort and do not cancel the projectB . keep the effort focused within IT to avoid any distractionsC . engage stakeholders across the organization and at all levels, including functional areasD ....

To successfully implement ZT security, two crucial processes must be planned and aligned with existing access procedures that the ZT implementation might impact. What are these two processes?A . Incident and response managementB . Training and awareness programsC . Vulnerability disclosure and patching managementD . Business continuity planning (BCP) and...

Which of the following is a common activity in the scope, priority, and business case steps of ZT planning?A . Determine the organization's current stateB . Prioritize protect surfacesC . Develop a target architectureD . Identify business and service ownersView AnswerAnswer: A Explanation: A common activity in the scope, priority,...

What is the function of the rule-based security policies configured on the policy decision point (PDP)?A . Define rules that specify how information can flowB . Define rules that specify multi-factor authentication (MFA) requirementsC . Define rules that map roles to usersD . Define rules that control the entitlements to...

What should an organization's data and asset classification be based on?A . Location of dataB . History of dataC . Sensitivity of dataD . Recovery of dataView AnswerAnswer: C Explanation: Data and asset classification should be based on the sensitivity of data, which is the degree to which the data...

Which security tools or capabilities can be utilized to automate the response to security events and incidents?A . Single packet authorization (SPA)B . Security orchestration, automation, and response (SOAR)C . Multi-factor authentication (MFA)D . Security information and event management (SIEM)View AnswerAnswer: B Explanation: SOAR is a collection of software programs...

To respond quickly to changes while implementing ZT Strategy, an organization requires a mindset and culture ofA . learning and growth.B . continuous risk evaluation and policy adjustment.C . continuous process improvement.D . project governance.View AnswerAnswer: B Explanation: To respond quickly to changes while implementing ZT Strategy, an organization requires...