Which of the following security tools will ensure authorized data is sent to the application when implementing a cloud-based application?
Which of the following security tools will ensure authorized data is sent to the application when implementing a cloud-based application?
An Access Control List (ACL) is used to control access to network resources by defining rules that specify which users or systems are allowed to access specific resources and what actions they are allowed to perform. With an ACL, you can ensure that only authorized data is sent to the application by specifying which users or systems have permission to send data to the cloud-based application. This makes ACL the most appropriate choice for ensuring authorized data is communicated within a cloud environment.
going for DLP
C is correct
Access control list (ACL) is a security tool that can ensure authorized data is sent to the application when implementing a cloud-based application. It controls access to network resources by defining rules that specify which users or systems are allowed to access specific resources and what actions they are allowed to perform on those resources.
Clearly in the minority here but DLP doesn't make any sense to me. Verifying data that is being sent to an app really isn't DLP. Leaving the app, it might have made sense.
I see a lot of folks here going with C. Data loss prevention (DLP) because they are blindly believing Chatgpt answers. C. is the answer chatgpt gives and it's the wrong answer. If you challenge chatgpt to review the question again, it will change it's answer to B. Access control list (ACL). Based on the question, there's no way the answer can possibly be DLP. ACL is the correct answer. 100%.
How is it DLP? the questions is asking how can we ensure that authorized data is sent to the app. Data Loss Prevention doesnt do this... The only tech that can remotely do this, although not the most effective way, is going to be the ACL based on these answer choices. ACL is the only one that can limit anything going anywhere.
cloud based application , i think correct C
Data loss prevention (DLP) Rule-based software that is specialized toward preventing data exfiltration. It operates by recognizing and blocking unauthorized outbound data flows; it can be placed on hosts or network devices.
Right - DLP is blocking unauthorized outbound data flows. This question is about ensuring authorized data is sent to the application.
Answer is C - CISSP Official Study Guide pg 189 - "Network-Based DLP A network-based DLP scans all outgoing data looking for specific data. Administrators place it on the edge of the network to scan all data leaving the organization. If a user sends out a file containing restricted data, the DLP system will detect it and prevent it from leaving the organization. The DLP system will send an alert, such as an email to an administrator. Cloud-based DLP is a subset of network-based DLP."
think C?
To ensure that authorized data is sent to the application when implementing a cloud-based application, a data loss prevention (DLP) tool would be most effective. DLP tools are designed to prevent unauthorized access, use, or transmission of sensitive data. They can be used to monitor and control data in transit, and ensure that only authorized users and applications can access and use it.
ACL controls inbound access/data DLP does the opposite. The question talks about data sent to (inbound) the application: Access Control Lists (ACLs) are a security mechanism used to control access to resources based on user permissions. In the context of a cloud-based application, ACLs can be applied to data and resources to control who can access, modify, or send data to the application.
An Access Control List (ACL) is used to define who can access a resource and what operations they can perform once they access it. In the context of ensuring that only authorized data is sent to an application, an ACL can be set up to allow only specific data or requests from authorized sources to reach the application, especially in a cloud-based environment.
The question is specifically asking for a tool that ensures authorized data is sent to the application. The correct answer is: B. Access control list (ACL) Access control lists (ACLs) are used to specify which users or systems have permission to access specific resources or applications. By configuring ACLs, you can control and restrict access to the application, ensuring that only authorized users or entities can send data to it.
In the context of the original question about ensuring that only authorized data is sent to the application, the answer "Data Loss Prevention (DLP)" would be more specific and relevant to ensure that the data being sent complies with security policies and is not . violate specific restrictions. ACL no, it assures that it is a guide to what should be, I think the key word here is "will ensure", I choose C.
Sorry, I wanted to say that I'm going with "B" - ACL
ACL is static and does not understand applications. Cloud services are dynamic, they usual use DNS to reach them. So ACL needs to be update if the Cloud services changes IP. Also if IP is changed, and ACL is not, it could send the correct data to the new IP host address. On top of this how does ACL stops IP spoofing? DLP is at least controlling at contend level which is more appriate, ACL is at the network layer.
Why not HIPS instead of ACL?
Woeful question - ACL due to integration with NAT? Dont see why it's DLP.