Danni-Tech

Making the Complicated Simple

Welcome to my complete CompTIA Security Plus course. This is Danni-Tech! This course aims to be a complete Security Plus course, 100% free. Stay tuned until the end, as there will be a quiz to test your knowledge of the material in this video. Now let's get started.

 

Zero Trust is a modern security framework built on one simple principle: never trust, always verify.

 

Unlike traditional security models that assume everything inside the network is safe, Zero Trust assumes nothing is trusted by default: every user, device, and application must continually prove it is legitimate before it can reach a resource, with no exceptions.

 

In traditional networks, once a user gets past the firewall, they often have broad access to other systems. In a Zero Trust environment, every action, device, and process is subject to verification. This dramatically reduces the risk of unauthorized access and limits how far malicious activity can spread if something is compromised.

 

Let’s break down how Zero Trust works and the components that make it effective.

Zero Trust separates security functions into two key areas: the control plane and the data plane.

  • The Data Plane: where the actual traffic moves. Think of it as the "highway" of your network. The data plane carries the packets, frames, and other network data traveling between devices. For example, when a user accesses an internal server, the request and the server's reply move through the data plane.
  • The Control Plane: the "brain" that manages and oversees the traffic in the data plane. It is where decisions are made and policies are set. For example, the control plane determines whether a user's request to access a server should be allowed or denied, and the enforcement point on the data plane then applies that decision to the traffic. By separating these functions, Zero Trust gives granular control over all network traffic, whether it is local, remote, or cloud-based.

The core principles of Zero Trust are as follows, starting with number one:

  1. Adaptive Identity:

Identity verification is at the heart of Zero Trust. Users and devices aren’t just authenticated once; they’re continuously evaluated.

  • For example, if John logs in from his usual location on his usual device, the system allows access. But if John suddenly tries to log in from another country, the system might block him or require additional verification such as a second factor. To be clear, adaptive identity means dynamically adjusting authentication requirements based on the context and risk of a user's actions, such as their location, behavior, or device.

Another core principle of Zero Trust is

  2. Threat Scope Reduction:

Zero Trust reduces the attack surface by limiting access to only what is necessary. Every resource is treated as if it is exposed to potential threats, so access is restricted to the minimum each user, device, or application needs to do its job. If one account or device is compromised, the attacker can reach only that small slice of the environment, which is what "reducing the threat scope" means in practice.

 

  3. Policy-Driven Access Control:

Every action in a Zero Trust environment is guided by policies. These policies are built around user roles, device status, location, and other contextual data.

  • For example, let's say Susie, who works in HR, needs access to payroll files. She logs in via the company VPN, and the system's policy allows her to access HR systems but nothing else: not IT, not finance systems. This ensures Susie can perform her job while maintaining strict access control and security.

Next, the Zero Trust implementation components, starting with the policy engine.

The policy engine evaluates each access request against predefined security policies. It examines contextual data such as user role, device type and health, location, and risk level, and decides whether to allow, deny, or revoke access.

 

Next there is the Policy Administrator:

Once the policy engine makes a decision, the policy administrator carries it out. It tells the enforcement point to open or close the session and supplies any access tokens or credentials the session needs.

 

Next you have the Policy Enforcement Point (PEP),

which acts as the gatekeeper on the data plane. It sits in the path of the traffic and applies the decisions made by the policy engine and relayed by the policy administrator; it does not make policy decisions itself.

For example, if a device fails authentication, the PEP blocks its request to access internal resources.

Now let's look at the data plane components, beginning with:

 

1. Implicit Trust Zones:
In a traditional network, the whole interior is one large implicit trust zone: anything inside is assumed to be safe. Zero Trust shrinks that zone to the bare minimum. In NIST SP 800-207 terms, the only implicit trust zone left is the narrow path behind the PEP where an already-verified subject talks to the one resource it was granted. The company data center as a whole is no longer assumed to be safe; every access request into it must be verified.

 

2. Subjects and Systems:
A subject is whoever or whatever makes the request, such as a user like John or Susie; a system is the device or service involved, such as a laptop, server, or even an IoT device. Both are treated as untrusted until verified, which removes implicit trust entirely.


3. Policy Enforcement at Every Step:
Every communication between subjects and systems passes through the PEP to ensure compliance with security policies.

 

 
Building Trust Dynamically

In Zero Trust, trust is built dynamically based on context, not assumptions. This involves:

  • Behavior Analysis:
    If a user suddenly exhibits unusual behavior—like logging in from an unrecognized device—the system adapts by applying stronger authentication measures or denying access.
  • Location Awareness:
    Access may be restricted based on where the request originates. For example, someone accessing from the corporate office might have different permissions compared to someone connecting via a public Wi-Fi network.
  • Device Validation:
    Devices must prove they’re authorized to connect. This is often achieved with certificates issued by a Certificate Authority (CA). For instance, a company-issued laptop must present its certificate during login to verify that it’s trusted.

Now Let’s see how Zero Trust operates in a practical scenario:

Susie wants to access a database from her laptop. Her request travels over the data plane to the PEP. The PEP hands the request up to the control plane, where the policy engine evaluates:

  1. Is Susie using a trusted device?
  2. Is she logging in from an authorized location?
  3. Does her role allow her to access the requested database?

The policy engine determines Susie's request is valid and passes the decision to the policy administrator, which issues the necessary session credentials to the PEP. The PEP then lets Susie's request through to the database. Had any check failed, the PEP would have blocked the request or asked for additional verification, and the session can be revoked later if the context changes.
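The scenario above, together with the adaptive identity and policy-driven access control principles from earlier, as a runnable model. This is an added example, not code from the course or from any Zero Trust product. Everything in it is a constructed assumption: the users, devices, roles, networks, the rule that an unfamiliar country triggers a step-up instead of a deny, and the HMAC-signed token standing in for whatever credential a real policy administrator would issue to the PEP.

```python
"""Toy model of the Zero Trust decision path: PEP -> policy engine ->
policy administrator -> PEP. Added example; every user, device, role, network
and policy below is a constructed assumption, not data from the course."""
import base64
import hashlib
import hmac
import ipaddress
import json
import time
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed reference data (assumptions for the example).
TRUSTED_DEVICES = {"LAPTOP-0042": "susie", "LAPTOP-0077": "john"}  # device -> enrolled owner
USER_ROLES = {"susie": "hr", "john": "it"}
ROLE_ACCESS = {"hr": {"hr-db", "payroll-files"}, "it": {"ticketing", "hr-db"}}
USUAL_COUNTRIES = {"susie": {"US"}, "john": {"US", "CA"}}
CORPORATE_NETWORKS = [ipaddress.ip_network("10.20.0.0/16")]


@dataclass(frozen=True)
class AccessRequest:
    subject: str              # who is asking (John, Susie, ...)
    device_id: str            # which system the request comes from
    source_ip: str
    country: str              # GeoIP-style location claim for the source
    resource: str
    mfa_passed: bool = False  # set after a successful step-up challenge


@dataclass(frozen=True)
class Decision:
    action: str   # "allow", "deny" or "step_up"
    reason: str
    ttl: int = 0  # lifetime of the issued credential, in seconds


class PolicyEngine:
    """Answers the three questions from the scenario: device, location, role."""

    def evaluate(self, req: AccessRequest) -> Decision:
        # 1. Is the subject using a trusted device?
        if TRUSTED_DEVICES.get(req.device_id) != req.subject:
            return Decision("deny", "device not enrolled for this subject")
        # 2. Is the login from an authorized location?  An unusual country is where
        #    adaptive identity applies: demand extra verification instead of a flat deny.
        if req.country not in USUAL_COUNTRIES.get(req.subject, set()) and not req.mfa_passed:
            return Decision("step_up", "unusual location, additional verification required")
        # 3. Does the subject's role allow this resource?  Least privilege, no exceptions.
        role = USER_ROLES.get(req.subject)
        if req.resource not in ROLE_ACCESS.get(role, set()):
            return Decision("deny", f"role {role!r} may not access {req.resource!r}")
        # Off-network sessions get a shorter lifetime so trust is re-established sooner.
        on_corp_net = any(ipaddress.ip_address(req.source_ip) in net for net in CORPORATE_NETWORKS)
        return Decision("allow", "all checks passed", ttl=3600 if on_corp_net else 600)


class PolicyAdministrator:
    """Turns an allow decision into a short-lived signed credential for the PEP."""

    def __init__(self, signing_key: bytes):
        self._key = signing_key

    def issue(self, req: AccessRequest, ttl: int, now: float) -> str:
        payload = {"sub": req.subject, "dev": req.device_id, "res": req.resource, "exp": int(now) + ttl}
        body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).decode()
        sig = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        return f"{body}.{sig}"

    def verify(self, token: str, resource: str, now: float) -> Optional[dict]:
        body, _, sig = token.rpartition(".")
        expected = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return None  # forged or tampered credential
        payload = json.loads(base64.urlsafe_b64decode(body))
        if payload["exp"] <= now or payload["res"] != resource:
            return None  # expired, or issued for a different resource
        return payload


class PolicyEnforcementPoint:
    """Gatekeeper on the data plane: nothing reaches a resource without a valid credential."""

    def __init__(self, engine: PolicyEngine, admin: PolicyAdministrator):
        self.engine, self.admin = engine, admin

    def handle(self, req: AccessRequest, now: Optional[float] = None) -> Tuple[str, str]:
        now = time.time() if now is None else now
        decision = self.engine.evaluate(req)  # control plane decides ...
        if decision.action != "allow":
            return decision.action, decision.reason
        token = self.admin.issue(req, decision.ttl, now)
        if self.admin.verify(token, req.resource, now) is None:
            return "deny", "credential failed verification at the PEP"
        return "allow", token  # ... and the PEP lets the data-plane request through


if __name__ == "__main__":
    pep = PolicyEnforcementPoint(PolicyEngine(), PolicyAdministrator(b"demo-key-not-for-production"))
    print(pep.handle(AccessRequest("susie", "LAPTOP-0042", "10.20.4.7", "US", "hr-db"))[0])      # allow
    print(pep.handle(AccessRequest("susie", "LAPTOP-0042", "203.0.113.9", "BR", "hr-db"))[0])    # step_up
    print(pep.handle(AccessRequest("susie", "LAPTOP-0042", "10.20.4.7", "US", "ticketing"))[0])  # deny
```

Two design points worth noticing. The engine checks the three questions in the order the scenario lists them, and only the location check produces a step-up: an unenrolled device or a role mismatch is a hard deny, because no amount of extra authentication changes what a laptop is or what HR is allowed to see. The credential is bound to one subject, one device and one resource and expires quickly, so a token captured for `hr-db` cannot be replayed against `payroll-files`, and a session from outside the corporate network has to be re-established sooner. In a real deployment the engine would pull its signals from an identity provider, an endpoint agent and a GeoIP feed, and the three components would be separate services rather than objects in one process.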

 

Why does Zero Trust matter?

Traditional security models rely on a “perimeter defense” strategy, assuming everything inside the network is safe. But Zero Trust flips that model, requiring verification at every step. This ensures:

  • Stronger Security: every user, device, and process is continually validated, not just once at the perimeter.
  • Reduced Attack Surface: unauthorized users and devices are blocked from reaching critical resources, and a compromised account can reach only what its policy allows.
  • Improved Visibility: policies and enforcement points provide clear insight into who is accessing what, from where, and on which device.

Zero Trust isn’t just a framework—it’s a mindset. By implementing these principles, organizations can stay ahead of evolving threats and ensure their systems remain secure.