CCZT Free Practice Test

What should an organization's data and asset classification be based on?

1. A. Location of data
2. B. History of data
3. C. Sensitivity of data
4. D. Recovery of data

Correct Answer: C
Data and asset classification should be based on the sensitivity of data, which is the degree to which the data requires protection from unauthorized access, modification, or disclosure. Data sensitivity is determined by the potential impact of data loss, theft, or corruption on the organization, its customers, and its partners. Data sensitivity can also be influenced by legal, regulatory, and contractual obligations.
References =
✑ Certificate of Competence in Zero Trust (CCZT) prepkit, page 10, section 2.1.1
✑ Identify and protect sensitive business data with Zero Trust, section 1
✑ Secure data with Zero Trust, section 1
✑ SP 800-207, Zero Trust Architecture, page 9, section 3.2.1

When preparing to implement ZTA, some changes may be required. Which of the following components should the organization consider as part of their checklist to ensure a successful implementation?

1. A. Vulnerability scanning, patch management, change management, and problem management
2. B. Organization's governance, compliance, risk management, and operations
3. C. Incident management, business continuity planning (BCP), disaster recovery (DR), and training and awareness programs
4. D. Visibility and analytics integration and services accessed using mobile devices

Correct Answer: B
When preparing to implement ZTA, some changes may be required in the organization??s governance, compliance, risk management, and operations. These components are essential for ensuring a successful implementation of ZTA, as they involve the following aspects12:
✑ Governance: This refers to the establishment of a clear vision, strategy, and roadmap for ZTA, as well as the definition of roles, responsibilities, and authorities for ZTA stakeholders. Governance also involves the alignment of ZTA with the organization??s mission, goals, and objectives, and the communication and collaboration among ZTA teams and other business units.
✑ Compliance: This refers to the adherence to the relevant laws, regulations, standards, and policies that apply to the organization??s ZTA. Compliance also involves the identification and mitigation of any legal or contractual risks or issues that may arise from ZTA implementation, such as data privacy, security, and sovereignty.
✑ Risk management: This refers to the assessment and management of the risks associated with ZTA implementation, such as technical, operational, financial, or reputational risks. Risk management also involves the development and implementation of risk mitigation strategies, controls, and metrics, as well as the monitoring and reporting of risk status and performance.
✑ Operations: This refers to the execution and maintenance of the ZTA processes, technologies, and services, as well as the integration and interoperability of ZTA with the existing IT infrastructure and systems. Operations also involve the optimization and improvement of ZTA efficiency and effectiveness, as well as the resolution of any operational issues or incidents.
References =
✑ Zero Trust Architecture: Governance
✑ Zero Trust Architecture: Acquisition and Adoption

What should be a key component of any ZT project, especially during implementation and adjustments?

1. A. Extensive task monitoring
2. B. Frequent technology changes
3. C. Proper risk management
4. D. Frequent policy audits

Correct Answer: C
Proper risk management should be a key component of any ZT project, especially during implementation and adjustments, because it helps to identify, analyze, evaluate, and treat the potential risks that may affect the ZT and ZTA objectives and outcomes. Proper risk management also helps to prioritize the ZT and ZTA activities and resources based on the risk level and impact, and to monitor and review the risk mitigation strategies and actions. References = Certificate of Competence in Zero Trust (CCZT) - Cloud Security
Alliance, Zero Trust Training (ZTT) - Module 9: Risk Management

When implementing ZTA, why is it important to collect logs from different log sources?

1. A. Collecting logs supports investigations, dashboard creation, and policy adjustments.
2. B. Collecting logs supports recording transaction flows, mapping transaction flows, and detecting changes in transaction flows.
3. C. Collecting logs supports change management, incident management, visibility and analytics.
4. D. Collecting logs supports micro-segmentation, device security, and governance.

Correct Answer: C
Log collection is an essential component of ZTA, as it provides the data needed to monitor, audit, and improve the security posture of the network. By collecting logs from different sources, such as devices, applications, firewalls, gateways, and policies, ZTA can support various functions, such as:
✑ Change management: Logs can help track and document any changes made to the network configuration, policies, or resources, and assess their impact on the security and performance of the network. Logs can also help identify and revert any unauthorized or erroneous changes that may compromise the network integrity1.
✑ Incident management: Logs can help detect and respond to any security incidents, such as breaches, attacks, or anomalies, that may occur in the network. Logs can provide the evidence and context needed to investigate the root cause, scope, and impact of the incident, and to take appropriate remediation actions2.
✑ Visibility and analytics: Logs can help provide a comprehensive and granular view of the network activity, performance, and behavior. Logs can be used to generate dashboards, reports, and alerts that can help measure and improve the network security and efficiency. Logs can also be used to apply advanced analytics techniques, such as machine learning, to identify patterns, trends, and insights that can help optimize the network operations and security3.
References =
✑ Zero Trust Architecture: Data Sources
✑ Zero Trust Architecture: Incident Response
✑ Zero Trust Architecture: Visibility and Analytics

ZTA reduces management overhead by applying a consistent access model throughout the environment for all assets. What can
be said about ZTA models in terms of access decisions?

1. A. The traffic of the access workflow must contain all the parameters for the policy decision points.
2. B. The traffic of the access workflow must contain all the parameters for the policy enforcement points.
3. C. Each access request is handled just-in-time by the policy decision points.
4. D. Access revocation data will be passed from the policy decision points to the policy enforcement points.

Correct Answer: C
ZTA models in terms of access decisions are based on the principle of ??never trust, always verify??, which means that each access request is handled just-in-time by the policy decision points. The policy decision points are the components in a ZTA that evaluate the policies and the contextual data collected from various sources, such as the user identity, the device posture, the network location, the resource attributes, and the environmental factors, and then generate an access decision. The access decision is communicated to the policy enforcement points, which enforce the decision on the resource. This way, ZTA models apply a consistent access model throughout the environment for all assets, regardless of their location, type, or ownership.
References =
✑ Certificate of Competence in Zero Trust (CCZT) prepkit, page 14, section 2.2.2
✑ What Is Zero Trust Architecture (ZTA)? - F5, section ??Policy Engine??
✑ Zero trust security model - Wikipedia, section ??What Is Zero Trust Architecture???
✑ Zero Trust Maturity Model | CISA, section ??Zero trust security model??