As a part of the first section of Zero Trust, Verify Identity, we understand the who, the what, and the where, in order to:
A. Revoke network access to unauthorized users, devices, and workloads.
B. Provide a secure set of controls for the initiator, requiring the initiator to go through layers of validation as they attempt to access an application.
C. Provide proper billing by counting the number of deployed end users within a customer’s environment.
D. Provide disaster recovery and business continuity in a “black swan” event context.
The correct answer is B. The purpose of the first Zero Trust stage, Verify Identity, is to establish the foundation for secure access by understanding who is requesting access, what device or request context is involved, and where the request is coming from. This verification step allows the architecture to apply the right controls before access is granted. In practical terms, it creates a security model in which the initiator must pass through multiple validation layers tied to identity and context before reaching the application.
This is broader than simply revoking access to unauthorized users. Revocation may happen as an outcome, but the main purpose of verification is to support accurate and secure control decisions. It is also unrelated to billing or disaster recovery. Zero Trust begins with verification because access should not be based on being on the right network or inside the perimeter. It should be based on validated identity and current context. Once those are known, the architecture can apply the appropriate protections and policy outcomes. Therefore, the best answer is providing a secure set of controls through layered validation as the initiator attempts to access an application.