Correct Answer:
C
In a ZTA, policies should be created in the control plane, which is the logical component that defines
and manages the policies for accessing resources.The control plane consists of policy entities, such
as policy administrators, policy engines, and policy decision points, that are responsible for crafting,
maintaining, evaluating, and enforcing the policies1.The control plane interacts with the data plane,
which is the logical component that handles the data transmission and processing, and the network,
which is the physical or virtual component that provides the connectivity and transport for the data
plane1.The endpoint is the device or system that requests or provides access to a resource1.
Reference=
Zero Trust Architecture | NIST
