A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?
To achieve the objective of discovering SaaS applications and blocking access to unapproved or risky ones for a highly distributed remote workforce, the most effective solution would be to implement cloud infrastructure to proxy all user web traffic and control access according to a centralized policy. This approach does not require deploying endpoint agents which can be challenging to manage across a distributed workforce. Instead, it ensures that all user web traffic is routed through a central proxy, allowing for consistent enforcement of security policies, discovery of SaaS applications, and the ability to block access to unapproved or risky applications in a scalable and efficient manner.
CASBs provide you with visibility into how clients and other network nodes are using cloud services. Some of the functions of a CASB are: • Enable single sign-on authentication and enforce access controls and authorizations from the enterprise network to the cloud provider. • Scan for malware and rogue or non-compliant device access. • Monitor and audit user and resource activity. • Mitigate data exfiltration by preventing access to unauthorized cloud services from managed devices.
C is the best answer
This is about identifying and blocking risky Saas access from the users.
Cloud Infrastructure: Using a cloud-based proxy ensures that all web traffic, regardless of the user's location, is routed through a central point where policies can be enforced consistently. SaaS Application Discovery: The proxy can monitor and log all web traffic, enabling the discovery of all SaaS applications being accessed by users. Centralized Policy Enforcement: Centralized policies can be implemented to control access, allowing the organization to block access to unapproved or risky SaaS applications effectively. Scalability and Flexibility: A cloud-based solution is scalable and can easily accommodate a distributed workforce without the need for extensive on-premises infrastructure.
C is the best answer because the remote workforce and it is a standard.
C. Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy. In a highly distributed remote workforce scenario, implementing a cloud-based solution to proxy all user web traffic and control access according to centralized policy is the most effective approach. This approach allows for centralized control and policy enforcement across all remote users, regardless of their physical location or endpoint device. It also enables the discovery of SaaS applications and the ability to block access to unapproved or risky applications in a scalable and efficient manner. It doesn't rely on installing agents on individual endpoints, making it easier to manage and enforce security policies across a distributed workforce.
CASB is vital for Cloud Mandatory Access Control for all cloud apps and services. Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
B. I would say a proxy here works best
Typo. Answer should be C