On the SY0-701, you will catch more than a few questions related to zero trust.
- It’s a big update related to the new exam, and you’ll need to understand a few nitty-gritty details to pass.
- We won’t cover those details in this lab. Still, I would like to introduce the concept and show how an Active Directory environment in its default state can completely disregard the principle of zero trust.
- Setting up a zero-trust environment takes a lot of thought and consideration to get right.
What is Zero Trust, and Why is it Important?
Zero Trust is a security model and framework that operates on the principle of "never trust, always verify." Unlike traditional security models that rely on perimeter defenses, Zero Trust assumes that threats can exist both outside and inside the network. Therefore, it continuously verifies every request as though it originated from an open network, regardless of where it comes from or what resource it tries to access.
Key Principles of Zero Trust:
- Least Privilege Access: Users and applications should have the minimum level of access necessary to perform their tasks. This reduces the potential damage from compromised accounts or applications.
- Micro-Segmentation: Networks are divided into smaller, isolated segments to prevent attackers from moving laterally across the network. Each segment has its own security controls and policies.
- Continuous Monitoring and Validation: Security isn't a one-time check. Zero Trust requires continuous monitoring of user behavior and network activity to detect anomalies and potential threats.
- Assume Breach: Zero Trust operates under the assumption that an attack can and will occur. This mindset drives proactive security measures and quick detection and response strategies.
Why Zero Trust is Important:
- Adapting to Modern Threats: Traditional perimeter-based security models are increasingly ineffective against modern cyber threats, which often exploit internal weaknesses. Zero Trust provides a more robust framework to defend against internal attacks.
- Protecting Sensitive Data: By enforcing strict access controls and continuous monitoring, Zero Trust helps safeguard sensitive data from unauthorized access and breaches, ensuring compliance with regulations like GDPR, HIPAA, and others.
- Mitigating Insider Threats: Internal actors can pose significant risks to an organization. Zero Trust reduces the risk of insider threats by limiting access to only what's necessary and continuously verifying user activities.
Lab Requirements:
- You’ll need your Active Directory environment, consisting of:
- Domain Controller
- Windows Client 1
- Windows Client 2
Lab Objectives:
- Configure PowerShell remoting.
- Examine how tickets grant access laterally across an Active Directory network.
Log into the Windows server and create a domain user named ‘Lateral’.
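As an added example that is not part of the original lab, the following PowerShell script performs the user-creation step and the first lab objective on the domain controller, then audits what the default remoting configuration actually grants a plain domain user. The domain name and the client hostnames are placeholders you must replace with your own.

```powershell
# Added example, not part of the original lab. Run in an elevated PowerShell on the
# domain controller. The domain name and client hostnames below are placeholders.
Import-Module ActiveDirectory

$domain  = 'lab.local'                 # placeholder: your lab domain
$clients = 'CLIENT01', 'CLIENT02'      # placeholders: Windows Client 1 and Client 2

# 1. Create the domain user 'Lateral' with a password entered interactively.
$pw = Read-Host -AsSecureString -Prompt 'Password for Lateral'
New-ADUser -Name 'Lateral' -SamAccountName 'Lateral' `
    -UserPrincipalName "Lateral@$domain" -AccountPassword $pw -Enabled $true

# 2. Enable PowerShell remoting locally. Windows Server already listens on WinRM by
#    default; the cmdlet is idempotent and also creates the firewall rule.
Enable-PSRemoting -Force

# 3. Audit who may connect to the default remoting endpoint. Out of the box only
#    BUILTIN\Administrators and BUILTIN\Remote Management Users are allowed, so a plain
#    domain user is verified and refused. This is the least-privilege baseline to protect;
#    every group you add here widens who can execute code on this host remotely.
Get-PSSessionConfiguration -Name Microsoft.PowerShell |
    Select-Object Name, Permission | Format-List

# 4. Show what the new account holds: its group membership (Domain Users only) and,
#    for comparison, the Kerberos tickets cached for the current logon session.
Get-ADPrincipalGroupMembership -Identity 'Lateral' | Select-Object Name
klist

# 5. Confirm WinRM is reachable on each client before the remoting part of the lab.
foreach ($c in $clients) {
    try   { Test-WSMan -ComputerName $c -ErrorAction Stop | Out-Null; "$c : WinRM reachable" }
    catch { "$c : WinRM not reachable ($($_.Exception.Message))" }
}
```

Record the output of step 3 on every host: when you later see the ‘Lateral’ account gain remote access, the change in that permission list (or in the account’s group membership) is the control that was relaxed.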