Which element of ZT focuses on the governance rules that define
the "who, what, when, how, and why" aspects of accessing target
resources?
Policy is the element of ZT that focuses on the governance rules that define the ''who, what, when, how, and why'' aspects of accessing target resources. Policy is the core component of a ZTA that determines the access decisions and controls for each request based on various attributes and factors, such as user identity, device posture, network location, resource sensitivity, and environmental context. Policy is also the element that enables the ZT principles of ''never trust, always verify'' and ''scrutinize explicitly'' by enforcing granular, dynamic, and data-driven rules for each access request.
Reference=
Certificate of Competence in Zero Trust (CCZT) prepkit, page 14, section 2.2.2
What Is Zero Trust Architecture (ZTA)? - F5, section ''Policy Engine''
Zero Trust Architecture Project - NIST Computer Security Resource Center, slide 9
[Zero Trust Frameworks Architecture Guide - Cisco], page 4, section ''Policy Decision Point''
Nan
2 months agoMike
2 months agoMeaghan
2 months agoCarissa
2 months agoCyril
1 months agoViki
1 months agoReena
1 months agoColene
1 months agoJolanda
2 months agoMaybelle
2 months agoHelaine
28 days agoLorrine
1 months agoSon
1 months agoGlendora
2 months agoQuinn
2 months agoDallas
1 months agoCherry
1 months agoFlo
2 months agoGwenn
2 months agoJamal
1 months agoCorinne
1 months agoMargot
1 months agoGregoria
2 months agoBlossom
3 months agoPaola
3 months agoLaine
3 months ago