Study ISC2 CISSP Wireless and Zero Trust: key concepts, common traps, and exam decision cues.
The exam treats wireless and remote access as a trust problem first. The question is not just how users connect. The question is how identity, device state, path protection, and least privilege combine before access is granted.
Access-choice map
| Requirement | Better first instinct |
| --- | --- |
| let remote staff reach internal apps safely | strong user authentication plus controlled remote-access path |
| keep guest wireless away from business systems | separate SSIDs and network segmentation |
| reduce implicit trust based on network location | identity-aware and context-aware access decisions |
| validate device health before broader access | NAC or posture-aware access control |
What the exam is really testing
| If the stem says… | Strong reading |
| --- | --- |
| “remote workforce” | the answer probably involves identity strength and device trust, not only tunneling |
| “wireless convenience” | convenience should not collapse isolation and authentication requirements |
| “zero trust” | location alone should not grant broad access |
Decision order that usually wins
1. Start with who is requesting access and from what device.
2. Check whether the scenario is about wireless segregation, remote path protection, or continuous authorization.
3. Validate identity strength and device posture before broad access.
4. Limit access to the specific application or segment needed.
5. Reassess trust continuously instead of granting it from location alone.
This domain rewards answers that treat identity, device state, and authorization as separate gates. “On the corporate network” is not enough by CISSP standards.
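The decision order above, sketched as a small policy check. This is an added example, not part of the original study guide; the user names, application names, entitlement table, and function names are constructed for illustration. Each gate is evaluated separately, and network location is recorded but never used to grant access.

```python
from dataclasses import dataclass, replace

# Constructed sample policy: which user may reach which application.
ENTITLEMENTS = {"alice": {"payroll-app"}, "bob": {"wiki"}}


@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_passed: bool        # identity strength
    device_compliant: bool  # posture result, e.g. from NAC or an MDM check
    on_corp_network: bool   # logged for context, never a reason to allow
    app: str                # the specific application requested


def evaluate(req: AccessRequest) -> tuple[bool, str]:
    """Run each gate on its own; return (allowed, gate that decided)."""
    if not req.mfa_passed:
        return False, "identity"
    if not req.device_compliant:
        return False, "device-posture"
    # Least privilege: allow only the named application, not the network.
    if req.app not in ENTITLEMENTS.get(req.user, set()):
        return False, "authorization"
    return True, "all-gates-passed"


def reassess(req: AccessRequest, **changes) -> tuple[bool, str]:
    """Re-run every gate when context changes during a session."""
    return evaluate(replace(req, **changes))


if __name__ == "__main__":
    # Constructed requests covering the cases the page describes.
    office = AccessRequest("alice", False, True, True, "payroll-app")
    remote = AccessRequest("alice", True, True, False, "payroll-app")
    print(evaluate(office))                          # on-site, weak identity
    print(evaluate(remote))                          # remote, all gates pass
    print(evaluate(replace(remote, app="wiki")))     # outside entitlement
    print(reassess(remote, device_compliant=False))  # posture drifted
```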
Scenario triage
| Scenario | Better first move |
| --- | --- |
| remote user needs app access | combine strong authentication, secure path, and scoped authorization |