Zero Trust

A security model that trusts no user or device by default and verifies every access request.

Zero trust is a security architecture built on the principle that no user, device, or network segment is inherently trusted — every access request must be authenticated, authorized, and continuously validated regardless of whether it originates inside or outside the corporate network. This contrasts sharply with the older perimeter model, which trusted traffic once it cleared the firewall. Zero trust relies on identity-aware access controls, micro-segmentation, and least-privilege enforcement to contain breaches. On the Network+ exam, watch the distinction from traditional NAC: NAC enforces policy at connection time, while zero trust applies continuous verification throughout a session — a device that passes NAC can still be denied resources if its posture later changes.

PlayPrepHQ study notes are written and reviewed against primary exam sources. How we create & review content →

Related terms

Back to Network Security