Within the Five-Step Methodology of Zero Trust, in which step would application access and user access be defined?
Within the Five-Step Methodology of Zero Trust, in which step would application access and user access be defined?
In the Five-Step Methodology of Zero Trust, application access and user access would be defined in Step 2: Map the Protect Surface Transaction Flows. This step involves identifying which applications have access to critical data, which users have access to those applications, and which users and applications have access to which parts of the infrastructure. This mapping is essential for creating a comprehensive understanding of access controls needed for implementing Zero Trust principles.
important words are "app access" and "user access" https://docs.paloaltonetworks.com/best-practices/zero-trust-best-practices/zero-trust-best-practices/the-five-step-methodology/step-4-implementation#id8af03732-03e2-404a-9030-dfb63dfabffd
The question it's when we are implementing and not when we are mapping.
In step 2 is defined: Which applications have access to which critical data, which users have access to those applications and which users and applications have access to which infrastructure. https://docs.paloaltonetworks.com/best-practices/zero-trust-best-practices/zero-trust-best-practices/the-five-step-methodology/step-2-map-the-protect-surface-transaction-flows Step four is the implementation of securty rules based on definitions of previous steps.
D, Map the transactions between users, applications, and data, so that you can verify and inspect those transactions. Map: Which applications have access to which critical data. Which users have access to those applications. Which users and applications have access to which infrastructure.
Answer D: Step 2 You have to MAP, to define the access https://docs.paloaltonetworks.com/best-practices/zero-trust-best-practices/zero-trust-best-practices/the-five-step-methodology