All Identity & Network Security Flashcards
Q: What are the three zero trust principles?
A: Verify explicitly (always authenticate and authorize), Least privilege access (limit access with JIT/JEA), Assume breach (minimize blast radius and segment access).
Q: What is the difference between Private Endpoint and Service Endpoint?
A: Private Endpoint assigns a private IP in your VNet for the PaaS resource. Service Endpoint routes traffic over the Azure backbone, but the service retains its public IP.
Q: What does PIM require?
A: Entra ID P2 license. Provides just-in-time role activation with time limits, approval workflows, MFA verification, and full audit trails.
Q: How does Azure Firewall differ from NSG?
A: Azure Firewall is a centralized, stateful service with FQDN filtering, threat intelligence, and TLS inspection. NSGs are distributed L3/L4 filters at NIC/subnet level.
Q: What is JIT VM Access?
A: Just-In-Time access (Defender for Cloud) blocks management ports by default. Users request temporary access for a defined time, reducing attack surface.