What is the primary assumption behind a perimeter-based network security strategy?

A perimeter-based network security strategy fundamentally operates under the assumption that all components on the internal network can be trusted. This reflects the traditional view of security, where defenses are set up around the perimeter of a network to protect it from external threats. The underlying belief is that once a user or device gains access to the internal network, it is considered safe and secure.

This approach has shaped the way many organizations implement their security measures, relying primarily on firewalls and other perimeter protection technologies to keep malicious actors out, while not placing as much emphasis on monitoring and securing the activities within the internal network.

In contrast, the other options introduce varying degrees of skepticism about the trustworthiness of internal network components. However, those views represent more modern security paradigms that acknowledge the need for more granular security controls within the network—such as zero trust models—where nothing is inherently trusted, even if it resides inside the organization's perimeter.