CompTIA CASP+ (CAS-004) — Question 206
A security manager wants to transition the organization to a zero trust architecture. To meet this requirement, the security manager has instructed administrators to remove trusted zones, role-based access, and one-time authentication. Which of the following will need to be implemented to achieve this objective? (Choose three.)
Answer options
- A. Least privilege
- B. VPN
- C. Policy automation
- D. PKI
- E. Firewall
- F. Continuous validation
- G. Continuous integration
- H. IaaS
Correct answer: A, C, F
Explanation
Implementing least privilege ensures that users have only the access necessary for their role, which is crucial in a zero trust architecture. Policy automation helps in enforcing security policies consistently across the organization, while continuous validation allows for ongoing verification of user identities and access rights. The other options, such as VPN and Firewall, do not directly align with the principles of zero trust, which focuses on strict access controls and continuous monitoring.