An analyst is concerned about data leaks and wants to restrict access to internet services to authorized users only. The analyst also wants to control the actions each user can perform on each service. Which of the following would be the best technology for the analyst to consider Implementing?
To best address the analyst's concerns about data leaks and restricting access to internet services to authorized users while also controlling user actions on these services, the Cloud Access Security Broker (CASB) technology is the most suitable. CASB provides visibility and control over user activities across various cloud services, enforcing security policies tailored to users, devices, locations, and actions performed. This granular control is essential for both safeguarding sensitive data and ensuring that only authorized users can access and interact with internet services, which aligns perfectly with the analyst's requirements.
Please guys don't spread confusion if you are not sure about the answer then don't say anything... This question is not talking about 'only data leaks' it is talking about restricting access to internet services and controlling the actions on these services. One thing i know for sure is that DLP won't do that for you. So the answer to this question is C = CASB (Cloud Access Security Broker).
CASB is obviously the answer, it can can block or monitor the transfer of sensitive data and it can restrict access to internet to only authorize users this DLP cannot do.
I see your point but its a massive leap to jump straight into cloud based technology. The Q doesn’t mention anything about cloud to if anything CASB is a trick option for over-thinkers.
It says "internet services" and majority of the time, these services are pushed though the cloud.
CASB is a security solution that provides visibility and control over the use of cloud services by employees within an organization. It helps enforce security policies and ensures that access to internet services is restricted to authorized users only. CASB allows the organization to define granular policies based on users, devices, locations, and activities, enabling them to control the actions each user can perform on each cloud service. By deploying CASB, the analyst can gain better visibility into data usage and potential data leaks, and apply security policies to prevent unauthorized access and actions on internet services. This can help protect sensitive data and mitigate the risks associated with the use of cloud services within the organization.
Perhaps if they mentioned the word cloud in the question, it would become more clear that Answer C and not Answer A (DLP) is the correct one.
A seems right answer
As much as i love ApplebeesWaiter1122 I will have to go with DLP here. This scenario mentions nothing about the cloud.
Then Again.... It Could very well be C. CASBs are easy to deploy and use. While most CASBs are deployed in the cloud, on-premise options are available. CASBs operate with three different deployment models, and multimode CASBs that utilize all three offer the most flexibility and robust protection. https://www.microsoft.com/en-us/security/business/security-101/what-is-a-cloud-access-security-broker-casb#:~:text=threats%20or%20violations.-,How%20to%20implement%20a%20CASB,most%20flexibility%20and%20robust%20protection. Typically, CASB vendors offer their services as cloud-hosted software, although some CASBs also offer on-premise software or on-premise hardware appliances. https://www.cloudflare.com/learning/access-management/what-is-a-casb/
when in doubt, CASB it out
If you think it’s DLP you are not ready for the exam yet. The first sentence is out there to throw you off.
There isn’t a single mention of cloud so there is absolutely NO WAY its CASB. A is correct
CASB also provides DLP https://www.microsoft.com/en-us/security/business/security-101/what-is-a-cloud-access-security-broker-casb
I think the guys who are choosing C are causing more confusion...
Selected Answer: A
Guys, it's A) DLP as there are no mention about cloud. I researched on it too.
By safeguarding data as it traverses networks, including the internet, intranets, and extranets, network DLP solutions help organizations maintain control over their sensitive information and prevent unauthorized access. Network DLP software provides additional benefits, such as: - Increased visibility into network traffic - Content inspection to prevent unauthorized access or exfiltration of sensitive information https://www.splunk.com/en_us/blog/learn/dlp-data-loss-prevention.html
There is no mention of Cloud applications here so CASB could not be the correct answer
While both CASBs and DLP solutions are used to protect an organization’s data, they differ in their focus. A CASB is focused on cloud services and applications, whereas a DLP tool strives to address all of an organization’s internal data resources, whether in the cloud, on-premises, or stored in endpoints.
Final Answer is A. Just do a DPL vs CASB Comparison.