Which of the following should the analyst recommend?
A company’s Chief Information Officer wants to use a CASB solution to ensure policies are being met during cloud access. Due to the nature of the company’s business and risk appetite, the management team elected to not store financial information in the cloud. A security analyst needs to recommend a solution to mitigate the threat of financial data leakage into the cloud.
Which of the following should the analyst recommend?
A . Utilize the CASB to enforce DLP data-at-rest protection for financial information that is stored on premises.
B. Do not utilize the CASB solution for this purpose, but add DLP on premises for data in motion.
C. Utilize the CASB to enforce DLP data-in-motion protection for financial information moving to the cloud.
D. Do not utilize the CASB solution for this purpose, but add DLP on premises for data at rest.
Answer: C
Explanation:
"CASB solutions generally offer their own DLP policy engine, allowing you to configure DLP policies in a CASB and apply them to cloud services." https://www.mcafee.com/blogs/enterprise/cloud-security/how-a-casb-integrates-with-an-on-premises-dlp-solution/
CASB stands for Cloud Access Security Broker, which is a solution that monitors and controls the access and usage of cloud services by an organization’s users. DLP stands for Data Loss Prevention, which is a solution that prevents unauthorized disclosure or leakage of sensitive data. Utilizing the CASB to enforce DLP data-in-motion protection for financial information moving to the cloud is the best recommendation for a security analyst to mitigate the threat of financial data leakage into the cloud, because it would prevent users from uploading or transferring financial information to cloud services that are not authorized or secure. Utilizing the CASB to enforce DLP data-at-rest protection for financial information that is stored on premises, not utilizing the CASB solution for this purpose but adding DLP on premises for data in motion or data at rest are other possible recommendations, but they are not as effective or relevant as utilizing the CASB to enforce DLP data-in-motion protection for financial information moving to the cloud.
Reference: https://www.csoonline.com/article/3200344/what-is-a-casb-and-why-do-you-need-one.html
Latest CS0-002 Dumps Valid Version with 220 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund