🔥 3-day streak
CompTIA SecurityX (CAS-005)118 / 120
Question 118 of 120
A financial services firm is deploying a zero trust access model for its SaaS applications. Users authenticate with phishing-resistant MFA, but the security architect notes that a device compromised after login retains its session and access for the full 8-hour token lifetime. The architect wants to ensure that access decisions reflect the real-time trustworthiness of the endpoint, not just the state at initial sign-in. Which design approach BEST addresses this gap?
Reviewed for accuracy · Report an issueNext question