Ian’s organization uses a root certificate authority that only allows certificate signing locally. All certificates are transferred via USB drives because the system is not connected to the network. What type of security design is in use?

This is an example of air gapped design where there is no network connectivity. This prevents network-based attacks from being possible against the high-value certificate authority server. Port security is used to enable or disable network ports. Defense-in-depth is a design concept that relies on layers of defenses to ensure security. Zero trust requires continuous authentication and rights verification to provide ongoing security for a network or system architecture.