Correct Answer:
A
In a ZTA, a policy decision point (PDP) is a logical component that evaluates the incoming signals
from an entity requesting access to a resource against a set of access determination criteria, such as
identity, context, device, location, and behavior1.A PDP then makes a decision to grant or deny
access, or to request additional information or verification, based on the policies defined by the
policy administrator1.A policy enforcement point (PEP) is a logical component that uses the
incoming signals from the PDP to open or close a connection between the entity and the
resource1.A PEP acts as a gateway or intermediary that enforces the decision made by the PDP and
prevents unauthorized or risky access2.
Reference=
Zero Trust Architecture | NIST
Policy Enforcement Point (PEP) - Pomerium
