🛡️

Zero Trust Architecture

Never trust, always verify — the security model replacing perimeter firewalls in modern cloud and enterprise networks.

Intermediate0.9 hours8 lessons
Start Course →

What You'll Learn

  • Articulate why perimeter security fails for cloud and remote work
  • Apply the NIST 800-207 zero-trust principles to architecture decisions
  • Use identity (users, devices, workloads) as the primary control plane
  • Design microsegmentation that limits blast radius
  • Implement device-trust signals and conditional access
  • Understand policy engines (PEP / PDP / PA) and decision flows
  • Replace VPNs with Zero Trust Network Access (ZTNA)
  • Plan a phased adoption against the CISA Zero Trust Maturity Model

Prerequisites

  • Networking fundamentals (TCP/IP, DNS, TLS)
  • Identity basics (SSO, OAuth, SAML, OIDC)
  • Some exposure to cloud (AWS / Azure / GCP) or enterprise IAM

Course Curriculum

Module 1: Foundations

  1. 01What Zero Trust Is (and Is Not)6 min
  2. 02NIST 800-207 and the CISA Maturity Model7 min

Module 2: The Pillars

  1. 01Identity: The New Perimeter7 min
  2. 02Device Trust and Posture6 min
  3. 03Network Microsegmentation7 min
  4. 04Data and Workload Protection6 min

Module 3: Implementation

  1. 01Policy Engines and Enforcement7 min
  2. 02A Practical Adoption Roadmap6 min

Practice for the Real Exam

After completing this course, test yourself with exam-style practice questions.

Practice COMPTIA SECURITYX CAS 005 QuestionsPractice CCSP QuestionsPractice SSCP Questions