Zero Trust - CompTIA Security+ SY0-701 - 1.2

Explains the concept of zero trust networks where all access to resources requires authentication. It discusses multi-factor authentication, data encryption, and the implementation of security controls to create a zero trust environment.

Discusses the concept of separating security devices into data plane and control plane. It explains the roles of data plane in processing network data and control plane in managing the actions of the data plane, with examples of physical and virtual devices.

Explains how to implement zero trust on networks by applying separate functional planes to security controls. It covers cloud-based security controls and the importance of evaluating security controls smarter by implementing adaptive identity technologies.

Discusses limiting access points to networks, implementing policy-driven access control, and understanding the identity and location of users. It explains the concept of security zones for access control, setting rules for different zones, and creating implicit trust in trusted zones.

Explains the role of policy enforcement points in evaluating traffic passing through the network and making decisions based on security policies. It discusses the policy decision point's responsibility for examining authentication requests and enforcing security policies.