Certified Ethical Hacker (CEH v12) — Question 211

You are a cloud security expert at CloudGuard Inc. working with a client who plans to transition their infrastructure to a public cloud. The client expresses concern about potential data breaches and wants to ensure that only authorized personnel can access certain sensitive resources. You propose implementing a Zero Trust security model. Which of the following best describes how the Zero Trust model would enhance the security of their cloud resources?

Answer options

• A. It operates on the principle of least privilege, verifying each request as if it is from an untrusted source, regardless of its location.
• B. It encrypts all data stored in the cloud, ensuring only authorized users can decrypt it.
• C. It uses multi-factor authentication for all user accounts.
• D. It ensures secure data transmission by implementing SSL/TLS protocols.

Correct answer: A

Explanation

The correct answer is A because the Zero Trust model is based on the assumption that threats could be internal or external, so every request is treated as if it comes from an untrusted source. Options B, C, and D describe important security practices, but they do not specifically encapsulate the core principle of the Zero Trust approach, which emphasizes continuous verification and least privilege access.