Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CompTIA Exam CS0-003 Topic 3 Question 38 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 38
Topic #: 3
[All CS0-003 Questions]

An organization is planning to adopt a zero-trust architecture. Which of the following is most aligned with this approach?

Show Suggested Answer Hide Answer
Suggested Answer: A

Comprehensive and Detailed Step-by-Step

Network segmentation supports zero-trust principles by ensuring sensitive systems are isolated and access is restricted based on identity, role, and context. Unlike traditional models, zero-trust architecture does not automatically trust authenticated users or internal network traffic. It enforces strict access controls to minimize risk.


CompTIA CySA+ Study Guide (Chapter 2: Zero Trust and Network Segmentation, Page 52)

CompTIA CySA+ Objectives (Domain 1.1 - Zero Trust Architecture)

by Ty at Jan 22, 2025, 10:38 AM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Valentin
4 months ago
I still think A) Network segmentation is the best choice for zero-trust architecture.
upvoted 0 times
...
Ozell
4 months ago
I see your point, Adell. Whitelisting can help, but network segmentation is more comprehensive in enforcing zero-trust.
upvoted 0 times
...
Arlette
4 months ago
Trusting internal traffic? That's like letting the fox guard the henhouse. Zero-trust all the way, baby!
upvoted 0 times
Isabelle
3 months ago
A) Network segmentation to separate sensitive systems from the rest of the network.
upvoted 0 times
...
Carey
3 months ago
Trusting internal traffic is risky. Zero-trust is the way to go!
upvoted 0 times
...
Janine
3 months ago
C) Trusting users who successfully authenticate once with multifactor authentication.
upvoted 0 times
...
Genevive
3 months ago
B) Whitelisting specific IP addresses that are allowed to access the network.
upvoted 0 times
...
Kenny
3 months ago
B) Whitelisting specific IP addresses that are allowed to access the network.
upvoted 0 times
...
Glendora
3 months ago
A) Network segmentation to separate sensitive systems from the rest of the network.
upvoted 0 times
...
Ernie
3 months ago
A) Network segmentation to separate sensitive systems from the rest of the network.
upvoted 0 times
...
...
Adell
4 months ago
But what about option B) Whitelisting specific IP addresses? Wouldn't that also align with zero-trust?
upvoted 0 times
...
Valentin
4 months ago
I agree with Ozell, because zero-trust architecture requires segmenting sensitive systems.
upvoted 0 times
...
Kathrine
4 months ago
Ah, the classic network segmentation approach. It's like building a firewall around your sensitive data - except the firewall is made of Swiss cheese.
upvoted 0 times
Audria
3 months ago
D) Automatically trusting internal network communications over external traffic.
upvoted 0 times
...
Nickie
3 months ago
C) Trusting users who successfully authenticate once with multifactor authentication.
upvoted 0 times
...
Stefany
3 months ago
B) Whitelisting specific IP addresses that are allowed to access the network.
upvoted 0 times
...
Craig
3 months ago
A) Network segmentation to separate sensitive systems from the rest of the network.
upvoted 0 times
...
...
Ozell
5 months ago
I think the answer is A) Network segmentation.
upvoted 0 times
...
Willetta
5 months ago
Option C is the way to go! I mean, who needs constant verification when you've got that sweet sweet MFA?
upvoted 0 times
Roxane
4 months ago
User 3: Option C is convenient, but I think network segmentation is more secure in the long run.
upvoted 0 times
...
Shala
4 months ago
User 2: I agree, keeping sensitive systems separate is crucial for security.
upvoted 0 times
...
Fallon
4 months ago
User 1: I think option A is the best choice. Network segmentation is key for zero-trust.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77