New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CSA Exam CCZT Topic 6 Question 27 Discussion

Actual exam question for CSA's CCZT exam
Question #: 27
Topic #: 6
[All CCZT Questions]

According to NIST, what are the key mechanisms for defining,

managing, and enforcing policies in a ZTA?

Show Suggested Answer Hide Answer
Suggested Answer: A

According to NIST, the key mechanisms for defining, managing, and enforcing policies in a ZTA are the policy decision point (PDP), the policy enforcement point (PEP), and the policy information point (PIP). The PDP is the component that evaluates the policies and the contextual data collected from various sources and generates an access decision. The PEP is the component that enforces the access decision on the resource. The PIP is the component that provides the contextual data to the PDP, such as the user identity, the device posture, the network location, the resource attributes, and the environmental factors.

Reference=

Zero Trust Architecture Project - NIST Computer Security Resource Center, slide 9

What Is Zero Trust Architecture (ZTA)? - F5, section ''Policy Engine''

Zero Trust Frameworks Architecture Guide - Cisco, page 4, section ''Policy Decision Point''


by Louvenia at Sep 13, 2024, 01:44 PM

Limited Time Offer

25%

Off

Get Premium CCZT Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Alline
2 months ago
Option D sounds like it was made up by someone who just threw random words together. PB? Really? I'll stick with A, the one that actually makes sense.
upvoted 0 times
Bulah
1 months ago
Definitely going with A, it just makes sense.
upvoted 0 times
...
Franchesca
2 months ago
Yeah, A seems to be the most straightforward.
upvoted 0 times
...
Georgene
2 months ago
I think option A is the most logical choice.
upvoted 0 times
...
Helga
2 months ago
I agree, option D does sound a bit strange.
upvoted 0 times
...
...
Lettie
2 months ago
Ha! As if the correct answer could be anything other than A. The NIST guys are all about those 3 P's - PDP, PEP, and PIP. Straight from the source, people!
upvoted 0 times
...
Margot
3 months ago
I agree with Lezlie. The NIST guidelines are clear on this, and A is the way to go.
upvoted 0 times
...
Lezlie
3 months ago
Option A is the correct answer. NIST defines the key mechanisms as PDP, PEP, and PIP. This is the standard approach for policy management in a Zero Trust Architecture.
upvoted 0 times
Justa
1 months ago
It's important to have a clear understanding of these mechanisms to ensure effective policy enforcement in a ZTA.
upvoted 0 times
...
Floyd
1 months ago
Yes, you're right. NIST identifies those as the key components for policy management in a Zero Trust Architecture.
upvoted 0 times
...
Reed
2 months ago
I think the key mechanisms for defining, managing, and enforcing policies in a ZTA are PDP, PEP, and PIP.
upvoted 0 times
...
...
Lorrie
3 months ago
C) Control, data, and application plane? Somebody's been watching too much Skynet.
upvoted 0 times
...
Wava
3 months ago
A) Yup, the PDP, PEP, and PIP - the holy trinity of zero trust policy management!
upvoted 0 times
Delfina
2 months ago
Raelene: It's important to have a solid foundation for policy management in a Zero Trust Architecture.
upvoted 0 times
...
Raelene
2 months ago
Definitely, those key mechanisms help define, manage, and enforce policies effectively.
upvoted 0 times
...
Keena
2 months ago
I agree, the PDP, PEP, and PIP are crucial for zero trust policy management.
upvoted 0 times
...
...
Rory
3 months ago
B) Data access, PKI, and IAM - that's the real-world stuff, not some abstract policy points.
upvoted 0 times
Simona
2 months ago
A) Policy decision point (PDP), policy enforcement point (PEP), and policy information point (PIP)
upvoted 0 times
...
Felton
2 months ago
D) Policy engine (PE), policy administrator (PA), and policy broker (PB)
upvoted 0 times
...
Gerri
2 months ago
B) Data access policy, public key infrastructure (PKI), and identity and access management (IAM) - that's the real-world stuff, not some abstract policy points.
upvoted 0 times
...
Chery
2 months ago
A) Policy decision point (PDP), policy enforcement point (PEP), and policy information point (PIP)
upvoted 0 times
...
...
Charlene
3 months ago
D) What? Policy engine, administrator, and broker? Sounds like something out of a sci-fi movie.
upvoted 0 times
Bette
2 months ago
C) Control plane, data plane, and application plane
upvoted 0 times
...
Douglass
3 months ago
B) Data access policy, public key infrastructure (PKI), and identity and access management (IAM)
upvoted 0 times
...
Marguerita
3 months ago
A) Policy decision point (PDP), policy enforcement point (PEP), and policy information point (PIP)
upvoted 0 times
...
...
Quentin
4 months ago
I'm not sure, but I think option D) Policy engine (PE), policy administrator (PA), and policy broker (PB) could also be key mechanisms for policies in a ZTA.
upvoted 0 times
...
Markus
4 months ago
A) Looks like the textbook answer to me. NIST definitely emphasizes those key policy control points.
upvoted 0 times
Leontine
2 months ago
D) NIST provides a solid framework for implementing effective policy control in ZTA.
upvoted 0 times
...
Kina
2 months ago
C) It's important to have a clear understanding of how policies are defined and enforced in a Zero Trust Architecture.
upvoted 0 times
...
Louisa
3 months ago
B) I remember studying those key mechanisms in my cybersecurity class.
upvoted 0 times
...
Cathrine
3 months ago
A) Yeah, those are the fundamental components for policy management in a ZTA.
upvoted 0 times
...
Peggy
3 months ago
B) I agree, those components are essential for defining, managing, and enforcing policies.
upvoted 0 times
...
Catina
3 months ago
A) Yeah, NIST really focuses on those key mechanisms for policy control in a ZTA.
upvoted 0 times
...
...
Serina
4 months ago
I agree with Luisa, those mechanisms make sense for defining, managing, and enforcing policies in a ZTA.
upvoted 0 times
...
Luisa
4 months ago
I think the key mechanisms are A) Policy decision point (PDP), policy enforcement point (PEP), and policy information point (PIP).
upvoted 0 times
...

Save Cancel