Domain 13 Knowledge Recap

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
9 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
10
Video Transcription
00:01
>> This module was all about security as a service.
00:01
We went through the definition
00:01
>> of what exactly that means
00:01
>> and the characteristics of security as a service.
00:01
Then we talked about the pros and cons of SECaaS,
00:01
the benefits and the concerns
00:01
and we finished off examining
00:01
major categories of different kinds of
00:01
SECaaS software that exists out in the marketplace.
00:01
Let's see what you retained
00:01
in this module and even some of these questions I'm
00:01
going to reach back from some of
00:01
the prior modules which were very related to
00:01
topics we discussed to see what
00:01
you've continued to retain from there.
00:01
How is the web security gateway similar to a CASB?
00:01
They identify high threat SaaS providers.
00:01
Network traffic is analyzed as
00:01
it passes through the services.
00:01
They integrate with DLP providers to make
00:01
sure inappropriate data is not
00:01
being hosted with Cloud providers.
00:01
They filter out malicious JavaScript as you surf the web.
00:01
Give it a second and B is the answer.
00:01
I have a few of these answers
00:01
pertain to what CASB would do,
00:01
A and C, whereas D would be
00:01
a great example of the thing web security gateway does.
00:01
But B having the network traffic flow through
00:01
this service provider is key to allowing them to
00:01
examine it and analyze it and identify and perform
00:01
these different actions based
00:01
on they see in the network traffic.
00:01
Which of the following deployment models
00:01
allow for a customer to have
00:01
complete control over the encryption key management
00:01
when implementing a provider's Cloud environment?
00:01
HSM and appliance-based key management,
00:01
virtual appliance,
00:01
software key management,
00:01
provider managed key management,
00:01
or customer managed key management.
00:01
Give it a second. Well, the answer is D.
00:01
Customer managed key management gives you
00:01
the most control because you are
00:01
a customer and you determine how
00:01
that key is going
00:01
to be managed or keys are going to be managed
00:01
those keys are going to be managed.
00:01
You might have an on-premise.
00:01
HSM is going to A, appliance.
00:01
But just because an HSM and appliance is
00:01
used in the course of managing keys,
00:01
doesn't mean the customer is overseeing that HSM.
00:01
It could be a provider hosted HSM appliance.
00:01
Same circumstances I'm thinking
00:01
goes true where a virtual appliance,
00:01
a customer could have virtual appliance provider could,
00:01
so you don't have that same control.
00:01
Then provide managed,
00:01
obviously you don't have as much control
00:01
because you're delegating it out
00:01
for the convenience and the providers
00:01
taking care of a lot of these details.
00:01
If you wanted to make sure your website did
00:01
not suffer from a DDos attack
00:01
or to block anybody trying to
00:01
exercise the SQL Injection exploit,
00:01
which category SECaaS would you look at?
00:01
IAM service, Business Continuity, Disaster Recovery,
00:01
Web Application Firewall,
00:01
Software Incident and Event Management,
00:01
or Cloud Application Security Broker.
00:01
The answer in this case is going to be C,
00:01
a Web Application Firewall that's going
00:01
to help provide a variety of circumstances.
00:01
These are some common examples.
00:01
Modern-day Web Application Firewalls
00:01
are being able to do more,
00:01
adding a layer of intelligence between
00:01
you and your web service
00:01
and the customers that are accessing it.
00:01
Just giving you a little extra layer of
00:01
safety that you're paying
00:01
for and using with these services.
Up Next