Question

The Chief Information Security Officer directed a risk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access. Which of the following is the BEST security solution to reduce this risk?

1) CASB
2) VPN Concentrator
3) MFA
4) VPC Endpoint

Answer 1

The BEST security solution to reduce the risk of unsanctioned high-risk SaaS applications is a Cloud Access Security Broker (CASB).

Step-by-step explanation:

The Chief Information Security Officer has directed a risk reduction in shadow IT and implemented a policy to block unsanctioned high-risk SaaS applications. The BEST security solution to reduce this risk is a Cloud Access Security Broker (CASB). A CASB provides visibility into cloud applications being used within an organization, and it can help enforce security policies by blocking or allowing access to different cloud services based on predefined rules.

CASBs often include features like user behavior analytics, data loss prevention, and access control, which are crucial for mitigating risks associated with unsanctioned SaaS applications. By implementing a CASB, organizations can monitor and control the usage of cloud applications, ensuring that high-risk applications are blocked from user access.