Question

An attacker has been compromising banking institution targets across a regional area. The Chief Information Security Officer (CISO) at a local bank wants to detect and prevent an attack before the bank becomes a victim.

Which of the following actions should the CISO take?

A. Utilize cloud-based threat analytics to identify anomalous behavior in the company's B2B and vendor traffic
B. Purchase a CASB solution to identify and control access to cloud-based applications and services and integrate them with on-premises legacy security monitoring
C. Instruct a security engineer to configure the IDS to consume threat intelligence feeds from an information-sharing association in the banking sector
D. Attend and present at the regional banking association lobbying group meetings each month and facilitate a discussion on the topic

Answer 1

The answer is option B. The CISO should utilize cloud-based threat analytics, purchase a CASB solution, and configure the IDS to consume threat intelligence feeds.

Step-by-step explanation:

The Chief Information Security Officer (CISO) at a local bank should take the following action:

Utilize cloud-based threat analytics to identify anomalous behavior in the company's B2B and vendor traffic. This will help detect any unusual activity that could indicate a potential attack.

Purchase a CASB (Cloud Access Security Broker) solution to identify and control access to cloud-based applications and services, and integrate them with on-premises legacy security monitoring. This will provide visibility and control over cloud services, reducing the risk of a successful attack.

Instruct a security engineer to configure the IDS (Intrusion Detection System) to consume threat intelligence feeds from an information-sharing association in the banking sector. This will ensure the IDS is up-to-date with the latest known threats and can detect and prevent attacks effectively.