The correct answer isCbecause Aruba Zero Trust Network Access (ZTNA) fundamentally reduces risk by replacing broad, implicit trust models of VPNs withleast-privilege, identity-based access policies. Instead of giving remote users blanket access to the network, ZTNA dynamically enforcesapplication- and user-specific policies, shrinking the attack surface and preventing lateral movement.
Relevant extracts from official HPE Aruba Networking documentation:
“ZTNA applies Zero Trust principles by continuously verifying user and device identity and assigning least-privilege access based on contextual factors.”
“Unlike traditional VPNs that extend full network access, Aruba ZTNA provides per-application access, dramatically reducing the attack surface.”
“With automated policy enforcement, Aruba ZTNA ensures secure access while preventing unauthorized lateral movement across the network.”
“ZTNA secures the remote workforce by combining granular access control with Zero Trust segmentation, delivering stronger security than legacy VPN models.”
Why the other options are incorrect:
AScalability is a benefit, but it is not the key distinguishing factor compared to VPN—least-privilege security is the core differentiation.
BAruba ZTNA is cloud-native, not dependent on an on-prem management platform, so this is inaccurate.
DLower cost is not the primary positioning; the value lies in enhanced security and reduced risk.
References (HPE Aruba Networking Solutions / Study Guides):
Aruba Zero Trust Network Access (ZTNA) — Solution Overview
Aruba ESP Zero Trust Security — Technical White Paper
Aruba SSE and ZTNA for Remote Workforce — Product Brief
Aruba Security and Access Control — Deployment Guide
===========
Submit