Question

The company that Dan works for has recently migrated to a SaaS provider for its enterprise resource planning (ERP) software. In its traditional on-site ERP environment, Dan conducted regular port scans to help with security validation for the systems. What will Dan most likely have to do in this new environment?

A. Use a different scanning tool.
B. Rely on vendor testing and audits.
C. Engage a third-party tester.
D. Use a VPN to scan inside the vendor's security perimeter

Answer 1

In the new SaaS environment, Dan will most likely have to rely on vendor testing and audits for security validation of the systems.

Step-by-step explanation:

In the new SaaS environment, Dan will most likely have to rely on vendor testing and audits for security validation of the systems.

Unlike in the traditional on-site ERP environment where Dan conducted regular port scans, the responsibility for security validation now lies with the SaaS provider.

Using a different scanning tool, engaging a third-party tester, or using a VPN to scan inside the vendor's security perimeter are not necessary actions for Dan in this new environment.

Since the infrastructure is owned and managed by the SaaS provider, Dan's company would typically have limited or no ability to conduct traditional in-house security validations such as port scans. Instead, the company would depend on the security measures implemented by the SaaS provider and may request security certifications, audit reports, or rely on third-party testing that the provider agrees to facilitate.