New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

CCZT Certificate of Competence in Zero Trust (CCZT) Questions and Answers

Questions 4

To respond quickly to changes while implementing ZT Strategy, an

organization requires a mindset and culture of

Options:

A.

learning and growth.

B.

continuous risk evaluation and policy adjustment.

C.

continuous process improvement.

D.

project governance.

Buy Now
Questions 5

What is the function of the rule-based security policies configured

on the policy decision point (PDP)?

Options:

A.

Define rules that specify how information can flow

B.

Define rules that specify multi-factor authentication (MFA)

requirements

C.

Define rules that map roles to users

D.

Define rules that control the entitlements to assets

Buy Now
Questions 6

When implementing ZTA, why is it important to collect logs from

different log sources?

Options:

A.

Collecting logs supports investigations, dashboard creation, and

policy adjustments.

B.

Collecting logs supports recording transaction flows, mapping

transaction flows, and detecting changes in transaction flows.

C.

Collecting logs supports change management, incident

management, visibility and analytics.

D.

Collecting logs supports micro-segmentation, device security, and

governance.

Buy Now
Questions 7

Of the following, which option is a prerequisite action to understand the organization's protect surface clearly?

Options:

A.

Data and asset classification

B.

Threat intelligence capability and monitoring

C.

Gap analysis of the organization's threat landscape

D.

To have the latest risk register for controls implementation

Buy Now
Questions 8

How can ZTA planning improve the developer experience?

Options:

A.

Streamlining access provisioning to deployment environments.

B.

Require deployments to be grouped into quarterly batches.

C.

Use of a third-party tool for continuous integration/continuous

deployment (CI/CD) and deployments.

D.

Disallowing DevOps teams access to the pipeline or deployments.

Buy Now
Questions 9

When planning for a ZTA, a critical product of the gap analysis

process is______

Select the best answer.

Options:

A.

a responsible, accountable, consulted, and informed (RACI) chart

and communication plan

B.

supporting data for the project business case

C.

the implementation's requirements

D.

a report on impacted identity and access management (IAM)

infrastructure

Buy Now
Questions 10

During the monitoring and analytics phase of ZT transaction flows,

organizations should collect statistics and profile the behavior of

transactions. What does this support in the ZTA?

Options:

A.

Creating firewall policies to protect data in motion

B.

A continuous assessment of all transactions

C.

Feeding transaction logs into a log monitoring engine

D.

The monitoring of relevant data in critical areas

Buy Now
Questions 11

What is one benefit of the protect surface in a ZTA for an

organization implementing controls?

Options:

A.

Controls can be implemented at all ingress and egress points of the

network and minimize risk.

B.

Controls can be implemented at the perimeter of the network and

minimize risk.

C.

Controls can be moved away from the asset and minimize risk.

D.

Controls can be moved closer to the asset and minimize risk.

Buy Now
Questions 12

What measures are needed to detect and stop malicious access

attempts in real-time and prevent damage when using ZTA's

centralized authentication and policy enforcement?

Options:

A.

Audit logging and monitoring

B.

Dynamic firewall policies

C.

Network segregation

D.

Dynamic access policies

Buy Now
Questions 13

ZT project implementation requires prioritization as part of the

overall ZT project planning activities. One area to consider is______

Select the best answer.

Options:

A.

prioritization based on risks

B.

prioritization based on budget

C.

prioritization based on management support

D.

prioritization based on milestones

Buy Now
Questions 14

The following list describes the SDP onboarding process/procedure.

What is the third step? 1. SDP controllers are brought online first. 2.

Accepting hosts are enlisted as SDP gateways that connect to and

authenticate with the SDP controller. 3.

Options:

A.

Initiating hosts are then onboarded and authenticated by the SDP

gateway

B.

Clients on the initiating hosts are then onboarded and

authenticated by the SDP controller

C.

SDP gateway is brought online

D.

Finally, SDP controllers are then brought online

Buy Now
Questions 15

In SaaS and PaaS, which access control method will ZT help define

for access to the features within a service?

Options:

A.

Data-based access control (DBAC)

B.

Attribute-based access control (ABAC)

C.

Role-based access control (RBAC)

D.

Privilege-based access control (PBAC)

Buy Now
Questions 16

To successfully implement ZT security, two crucial processes must

be planned and aligned with existing access procedures that the ZT

implementation might impact. What are these two processes?

Options:

A.

Incident and response management

B.

Training and awareness programs

C.

Vulnerability disclosure and patching management

D.

Business continuity planning (BCP) and disaster recovery (DR)

Buy Now
Questions 17

Scenario: A multinational org uses ZTA to enhance security. They

collaborate with third-party service providers for remote access to

specific resources. How can ZTA policies authenticate third-party

users and devices for accessing resources?

Options:

A.

ZTA policies can implement robust encryption and secure access

controls to prevent access to services from stolen devices, ensuring

that only legitimate users can access mobile services.

B.

ZTA policies should prioritize securing remote users through

technologies like virtual desktop infrastructure (VDI) and corporate

cloud workstation resources to reduce the risk of lateral movement via

compromised access controls.

C.

ZTA policies can be configured to authenticate third-party users

and their devices, determining the necessary access privileges for

resources while concealing all other assets to minimize the attack

surface.

D.

ZTA policies should primarily educate users about secure practices

and promote strong authentication for services accessed via mobile

devices to prevent data compromise.

Buy Now
Questions 18

In a ZTA, where should policies be created?

Options:

A.

Data plane

B.

Network

C.

Control plane

D.

Endpoint

Buy Now
Exam Code: CCZT
Exam Name: Certificate of Competence in Zero Trust (CCZT)
Last Update: Dec 25, 2024
Questions: 60
CCZT pdf

CCZT PDF

$25.5  $84.99
CCZT Engine

CCZT Testing Engine

$30  $99.99
CCZT PDF + Engine

CCZT PDF + Testing Engine

$40.5  $134.99