CCDE: Cisco Certified Design Expert (Practical) — Question 41

A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?

Answer options

• A. Assess real-time security health of devices
• B. Enforce risk-based and adaptive access policies
• C. Ensure trustworthiness of devices
• D. Apply a context-based network access control policy for users

Correct answer: B

Explanation

The correct answer is B because enforcing risk-based and adaptive access policies helps to manage potential threats by adjusting user access based on their risk levels. Option A, while important, focuses on device health rather than immediate access control. Option C does not address the ongoing threat of phishing directly, and option D, although useful, is secondary to establishing risk-based policies in this scenario.