Trust Boundaries and Trust Zones
1. In a system architecture diagram, the line between the public internet and the internal API is marked as a boundary where all traffic must be authenticated. What is this boundary called?
2. Components inside the corporate VPN are assigned a higher trust level than components in the DMZ, which in turn have a higher trust level than the public internet. What does this hierarchy represent?
3. The principle that services should only have access to exactly the resources they need for their specific function is called:
4. A microservice running in a Kubernetes pod should not be able to access the production database directly — it should only call the data access service. What architectural principle does this reflect?
5. The security team annotates an architecture diagram to show which components can call which others, and what credentials or tokens are required at each boundary. What is this document called?
Exercise complete!
out of 5 questions