Skip to Content

CompTIA Security+ 2021 SY0-601: Implement CASB for Secure Access Control and Data Leak Prevention

By: Author Alex Lim

Posted on

Categories Exam

Discover how a Cloud Access Security Broker (CASB) enables organizations to restrict internet service access to authorized users and control user actions, ensuring data security and preventing leaks.

Table of Contents

Question

An analyst is concerned about data leaks and wants to restrict access to internet services to authorized users only. The analyst also wants to control the actions each user can perform on each service. Which of the following would be the best technology for the analyst to consider Implementing?

A. DLP
B. VPC
C. CASB
D. Content filtering

Answer

C. CASB

Explanation

A Cloud Access Security Broker (CASB) is the best technology for the analyst to consider implementing in this scenario. A CASB acts as an intermediary between an organization’s users and cloud service providers, enabling the organization to enforce security policies and control access to cloud-based resources.

Key features of a CASB that make it suitable for the analyst’s requirements:

  1. Access Control: CASBs allow organizations to restrict access to internet services and cloud applications based on user identity, device, location, and other factors. This ensures that only authorized users can access specific services.
  2. User Activity Monitoring: CASBs provide visibility into user actions within cloud services, enabling the analyst to monitor and control what each user can do within each service. This helps detect and prevent unauthorized activities.
  3. Data Loss Prevention (DLP): CASBs often include DLP capabilities, allowing organizations to identify, monitor, and protect sensitive data across multiple cloud services. This helps prevent data leaks by enforcing policies and alerting administrators of potential violations.
  4. Policy Enforcement: CASBs enable consistent security policy enforcement across multiple cloud services, ensuring that the organization’s security requirements are met regardless of the service being used.

While DLP focuses specifically on preventing data leaks, VPC provides network-level segmentation, and content filtering controls access to web content, a CASB offers a comprehensive solution that addresses the analyst’s concerns about restricting access to internet services and controlling user actions within each service.

CompTIA Security+ 2021 SY0-601 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the CompTIA Security+ 2021 SY0-601 exam and earn CompTIA Security+ 2021 SY0-601 certification.