Valid CAS-005 Dumps shared by EduDump.com for Helping Passing CAS-005 Exam! EduDump.com now offer the newest CAS-005 exam dumps, the EduDump.com CAS-005 exam questions have been updated and answers have been corrected get the newest EduDump.com CAS-005 dumps with Test Engine here:
A security architect is designing Zero Trust enforcement policies for all end users. The majority of users work remotely and travel frequently for work. Which of the following controls should the security architect do first?
Correct Answer: D
Zero Trust security is based on the principle of "never trust, always verify." For a mobile and frequently traveling workforce, enforcing rigid access models without adaptability creates friction and hampers productivity. The first priority in Zero Trust design for such a workforce is to deploy context-aware reauthentication combined with User Behavior Analytics (UBA). This ensures that deviations from baseline user behavior-such as unusual geographic access, time of day anomalies, or device changes-trigger additional authentication or session restrictions. Option A (hardware OTPs) enhances authentication security but does not provide adaptive, risk-based controls for varying user behavior. Option B (TLS decryption) focuses on network traffic inspection, which is important but secondary to ensuring identity and access enforcement in a Zero Trust model. Option C (posture compliance checks) is necessary but typically part of ongoing device security enforcement rather than the initial step. By starting with context-aware reauthentication, the organization ensures its Zero Trust strategy adapts dynamically to user behavior, providing both stronger security and a smoother experience for a global, remote workforce.