Question

A SaaS provider decides to offer data storage as a service. For simplicity, the company wants to make the service available over industry standard APIs, routable over the public Internet.

Which of the following controls offers the MOST protection to the company and its customer's information?

A. Detailed application logging
B. Use of non-standard ports
C. Web application firewall
D. Multifactor authentication

Answer 1

The control that offers the most protection in this scenario is multifactor authentication. So, option D is correct.

Step-by-step explanation:

The control that offers the most protection to the company and its customer's information in this scenario is multifactor authentication. Multifactor authentication (MFA) requires users to provide two or more pieces of evidence to verify their identity, such as a password and a unique code sent to their mobile device. This adds an extra layer of security and reduces the risk of unauthorized access to the data.

Detailed application logging, while important for monitoring and troubleshooting, does not directly protect against unauthorized access. The use of non-standard ports can provide some level of obscurity, but skilled attackers can still discover and exploit them. A web application firewall helps protect against common web-based attacks but may not be sufficient on its own in this case.

While options like detailed application logging (Option A), use of non-standard ports (Option B), and web application firewalls (Option C) contribute to security, they are not as comprehensive as MFA in preventing unauthorized access, which is crucial when providing data storage services over the public Internet. MFA adds an extra layer of defense against various cyber threats and is a fundamental security measure in modern IT environments.