Final answer:
To comply with the CISO's request, a CASB is needed to monitor cloud services, a DLP agent to prevent data leaks, and an SCAP scanner to check for vulnerabilities. These tools will ensure the security and privacy of the company's data, adhering to the corporate security policy. so, option B, C and E is the correct answer.
Step-by-step explanation:
A Chief Information Security Officer (CISO) is tasked with ensuring the security and privacy of a company's data, especially sensitive information such as Personally Identifiable Information (PII) and healthcare data. In the context of the request made by the CISO to scan external hosted services for malware, unsecured PII, and healthcare data, and to detect bulk downloads from the corporate intranet and online storage, certain security tools would be appropriate.
To comply with the updated security policy and the CISO's request, the following tools are needed:
- B. CASB (Cloud Access Security Broker): A CASB can monitor and secure data movement across cloud services. It is well-suited to scan for unsecured PII, healthcare data, and unauthorized access or exfiltration (bulk downloads).
- C. DLP Agent (Data Loss Prevention): The DLP agent would be responsible for monitoring and preventing potential breaches or data leaks, which includes scanning for unsecured sensitive data within the company's online environments.
- E. SCAP Scanner (Security Content Automation Protocol): SCAP can automate the process of scanning for vulnerabilities, including the presence of malware, within systems and applications.
While a port scanner, application sandbox, and the other options listed can be useful in certain contexts, the CASB, DLP agent, and SCAP scanner are the tools that would best fulfill the CISO's request in accordance with the corporate security policy.