The correct selections are No, Yes, No . Microsoft defines Zero Trust as a security strategy and explicitly states that it isn’t a product or a service . Instead, it is an approach based on principles such as verify explicitly , use least privilege access , and assume breach . That makes statement 2 true.
Statement 1 is false because Zero Trust does not require an Azure subscription. Microsoft provides Zero Trust guidance across many environments, including Microsoft 365, Copilot, Azure, and hybrid scenarios. It is a strategy that can be implemented with different technologies and is not dependent on owning Azure specifically.
Statement 3 is also false because there is no single switch in the Microsoft 365 admin center to “enable Zero Trust” for an organization. Microsoft’s documentation presents Zero Trust as a set of policies, configurations, and deployment steps across services such as Microsoft Entra, Intune, Defender, and Microsoft 365 workloads, not as one admin-center toggle.
Top of Form
Bottom of Form
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit