CSA Exam CCZT Topic 3 Question 21 Discussion

Actual exam question for CSA's CCZT exam

Question #: 21
Topic #: 3

[All CCZT Questions]

What does device validation help establish in a ZT deployment?

AConnection based on user

BHigh-speed network connectivity

CTrusted connection based on certificate-based keys

DUnrestricted public access
Device validation helps establish a trusted connection based on certificate-based keys in a ZT deployment. Device validation is the process of verifying the identity and posture of the devices that request access to the protected resources. Device validation relies on the use of certificates, which are digital credentials that bind the device identity to a public key. Certificates are issued by a trusted authority and can be used to authenticate the device and encrypt the communication. Device validation helps to ensure that only healthy and compliant devices can access the resources, and that the connection is secure and confidential.
Reference=
Certificate of Competence in Zero Trust (CCZT) prepkit, page 15, section 2.2.3
Zero Trust and Windows device health - Windows Security, section ''Device health attestation on Windows''
Devices and zero trust | Google Cloud Blog, section ''In a zero trust environment, every device has to earn trust in order to be granted access.''

Show Suggested Answer

Suggested Answer: B

After successful authentication and authorization, the client typically sends an SPA packet to the controller, which acts as an intermediary in authenticating the client's request before access to the accepting host is granted. Reference = Certificate of Competence in Zero Trust (CCZT) - Cloud Security Alliance, Zero Trust Training (ZTT) - Module 9: Risk Management

by Steffanie at Jul 12, 2024, 08:33 AM

Limited Time Offer

25%

Off

Get Premium CCZT Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Sherrell

23 days ago

Haha, yeah, unrestricted public access? That's the opposite of what zero trust is all about. Good thing device validation is here to save the day with those certificate-based keys!

upvoted 0 times

...

2 months ago

Okay, this is straightforward. Device validation is all about establishing a trusted connection based on certificate-based keys in a ZT deployment. It's the way to ensure only authorized and healthy devices can access the resources.

upvoted 0 times