Zero Trust architecture emphasizes imposing access control dynamically or just in time. Which of the following is least related to the concept of just in time? (Wentz QOTD)
A. Require using the “sudo” utility for privileged activities
B. Lockdown administrative ports on the firewall and open them only after authentication
C. Provision identities and permissions when users visit service providers for the first time
D. Facilitate authentication so that users can sign on once and access resources across systems
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. Facilitate authentication so that users can sign on once and access resources across systems.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
The term just-in-time (JIT) emerges from the Toyota production system. JIT is an inventory management strategy that orders inventory on an as-needed or on-demand basis. In the context of security, many activities can be conducted just in time—for example, identity provisioning, certificate registration, authorization, privilege escalation, etc.
Facilitating authentication so that users can sign on once and access resources across systems is the description of single sign-on (SSO). It’s not related to the concept of just-in-time.
Reference
- AWS Just-in-time provisioning
- AWS Just-in-time registration
- What is Just-in-Time (JIT) Provisioning?
- Difference Between SAML SSO & Just-in-Time (JIT) Provisioning
- What is Just-in-Time (JIT) Privileged Access?
- What is Just-in-time Privileged Access?
- Just-In-Time – Toyota Production System guide
- Just-In-Time (JIT) Inventory Management
零信任(Zero Trust)架構強調動態或及時(just in time)實施訪問控制。 以下哪一項與“及時”的概念最不相關? (Wentz QOTD)
A. 要求使用“sudo”程序來進行特權活動
B. 鎖定防火牆上的管理端口並僅在身份驗證後打開它們
C. 用戶首次訪問服務提供商時供裝(provision)身份和權限
D. 促進身份驗證,以便用戶只需登錄一次即可跨系統訪問資源
Pingback: 及時生產 ( just-in-time) – Choson資安大小事