A company is implementing a zero trust architecture. Which of the following BEST describes the principle of micro-segmentation in this model?
Trap 1: Creating a single perimeter around the entire network
This describes traditional perimeter security, not micro-segmentation.
Trap 2: Using VLANs to separate departments
VLANs are a form of segmentation but not as granular as micro-segmentation at the workload level.
Trap 3: Implementing a VPN for remote access
A VPN is a connectivity method, not a zero trust segmentation technique.
- A
Creating a single perimeter around the entire network
Why wrong: This describes traditional perimeter security, not micro-segmentation.
- B
Isolating workloads at the virtual network interface level with granular security policies
This accurately defines micro-segmentation in a zero trust model.
- C
Using VLANs to separate departments
Why wrong: VLANs are a form of segmentation but not as granular as micro-segmentation at the workload level.
- D
Implementing a VPN for remote access
Why wrong: A VPN is a connectivity method, not a zero trust segmentation technique.