A Chief Information Security Officer (CISO) requests the following external hosted services be scanned for malware, unsecured PII, and healthcare data: -> Corporate intranet site -> Online storage application -> Email and collaboration suite Security policy also is updated to allow the security team to scan and detect any bulk downloads of corporate data from the company's intranet and online storage site.
Which of the following is needed to comply with the corporate security policy and the CISO's request?
Click on the arrows to vote for the correct answer
A. B. C. D. E.B.
The Chief Information Security Officer (CISO) has requested that the following external hosted services be scanned for malware, unsecured PII, and healthcare data: Corporate intranet site, Online storage application, and Email and collaboration suite. In addition, the security policy has been updated to allow the security team to scan and detect any bulk downloads of corporate data from the company's intranet and online storage site.
To comply with the corporate security policy and the CISO's request, the following solutions can be used:
A. Port scanner - A port scanner is a tool used to determine which ports are open on a network device. While it may help identify open ports, it is not useful for scanning for malware, unsecured PII, or healthcare data.
B. CASB - A Cloud Access Security Broker (CASB) is a security solution that provides visibility and control over cloud applications and data. It can help identify and prevent the use of unsanctioned cloud applications and enforce security policies. A CASB can help comply with the CISO's request by scanning the online storage application and email and collaboration suite for malware, unsecured PII, and healthcare data.
C. DLP agent - A Data Loss Prevention (DLP) agent is software installed on endpoint devices to monitor and prevent the transmission of sensitive data outside the network. A DLP agent can help comply with the security policy by detecting bulk downloads of corporate data from the company's intranet and online storage site.
D. Application sandbox - An application sandbox is a security mechanism used to isolate and execute untrusted or unknown applications in a controlled environment. While it may help prevent malware infections, it is not useful for scanning for unsecured PII or healthcare data.
E. SCAP scanner - A Security Content Automation Protocol (SCAP) scanner is a tool used to automate security compliance checking for IT systems. It can help identify security vulnerabilities and configuration issues. While it may be useful for scanning for malware and vulnerabilities, it is not useful for scanning for unsecured PII or healthcare data.
In summary, the best solution to comply with the corporate security policy and the CISO's request is to use a CASB to scan the online storage application and email and collaboration suite for malware, unsecured PII, and healthcare data and use a DLP agent to detect bulk downloads of corporate data from the company's intranet and online storage site.