this model was all about security. As a service, we went through the definition of what, exactly that means
and the characteristics of security as a service that we talked about the pros and cons of SEC ***, the benefits and the concerns. And we finished off examining major categories of different kinds of SEC as software that exists out in the marketplace.
So let's see what you retained in this module and even some of these questions I'm gonna reach back from some of the prior modules, which were very related to topics we discussed to see what you've continued to retain from there.
How is the Web security gateway similar to a cast?
They identify high threat SAS providers.
Network traffic is analysed as it passes through the services
they integrate with DLP providers to make sure inappropriate data is not being hosted with cloud providers.
flow through this service provider
is key to allowing them to examine it and analyze it and identify and perform these different actions based on what they see in the network. Traffic.
Which of the following deployment models allow for a customer to have complete control over the encryption? Key management When implementing a provider's cloud environment.
HSM, an appliance based key management
virtual appliance software key management
provider, managed key management or customer managed key management
give it a second. Well, the answer is D customer managed Key management gives you the most control because you are a customer and you determine how that key is going to be manager. How those keys are going to manage. You might have an on premise HSM going to a appliance. But just because NHS seminar appliance is used in the course of managing keys
doesn't mean the customer is is overseeing that HSM. It could be a provider
hosted HSM appliance. Same circumstances and thinking goes true. Where virtual appliance customer could have virtual plants provider could, so you don't have that same control and then provider managed. Obviously, you don't have as much control because you're delegating it out for the convenience and the providers taking care of a lot of these details.
If you wanted to make sure your website did not suffer from Adidas attack or to block anybody trying to exercise the sequel injection exploit which category seconds would you look at?
I am service
Business Continuity, Disaster Recovery, Web application, Firewall, software incident and Event Management or Cloud Application Security broker.
So the answer in this case is gonna be see a Web application firewall that's gonna help provide a variety of circumstances. Thes air. Some common examples. Modern day Web application firewalls are being able to doom or and mawr adding a layer of intelligence between you
in your Web service and the customers that are accessing it, just giving him a little extra layer of safety that you're paying for and using with these services.