Chapter 10 - 03 - Discuss the Insights of Cloud Security and Best Practices - 11_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82 Virtualization and Cloud Computing Cloud Access Security Broker (CASB) O Cloud Ac...

Certified Cybersecurity Technician Exam 212-82 Virtualization and Cloud Computing Cloud Access Security Broker (CASB) O Cloud Access Security Brokers (CASBs) are on-premise or cloud-hosted solutions responsible for enforcing security, compliance, and governance policies for the cloud applications O CASBs are placed between the cloud service consumers and service providers QO Azure security services includes CASB functionality Computer Y @ Visibility Enterprise integration & Compliance APl access Wescsicstiesnsstnasiinnnes 'Y N BT > © Data Security Mobile © Threat Protection Organization Cloud Services Copyright © by AL All Rights Reserved. Reproductionis Strictly Prohibited Cloud Access Security Broker (CASB) Cloud access security brokers (CASBs) are on-premise or cloud-hosted solutions. They are responsible for enforcing security, compliance, and governance policies in the cloud applications. A CASB is located between the on-premise infrastructure of an organization and the infrastructure of a cloud provider. It acts as a gatekeeper that enables organizations to extend their security policies beyond their own infrastructure. Features of CASB = Visibility into cloud usage It finds shadow IT cloud services and provides visibility into the user activities with the allowed cloud applications. = Data security It enforces data-centric security encryption, tokenization, access control, and information rights management. *= Threat protection It detects and respondsto malicious insider threats, privileged user threats, and compromised accounts. = Compliance It discovers critical data in the cloud and enforces DLP policies to satisfy the data residency and compliance requirements. Module 10 Page 1389 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Virtualization and Cloud Computing CASBs offer the following: Firewalls to identify malware, thereby preventing the malware from entering the enterprise network. Authentication for user credentials, ensuring that only the allowed users can access the required organizational resources. WAFs to prevent malware from breaching security at the application level instead of the network level. DLP prevents users from transferring critical information outside the organization. How CASBs work: A CASB works by Ensuring network traffic between on-premise devices and the cloud provider complies with the organizational security policies. Provides insights into the use of cloud applications across cloud platforms and identifies unsanctioned use. Uses auto-discovery to identify o Cloud applications in use o High-risk applications o High-risk users Enforcing different security access controls such as encryption and device profiling. Providing services such as credential mapping when SSO is not available. -] CIISY EHIRNISY Visibility Enterprise integration Compliance API access Wrrasssnssssassaessessesp Wrrasssnssssassaessesesp @ Bl gesssasrsasinatsnsinnanns gesssasrsasinatanatnnanns » Data Security Mobile Threat Protection PaasS CASB Organization Cloud Services Figure 10.68: Cloud access security broker (CASB) Module 10 Page 1390 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Virtualization and Cloud Computing CASB Solutions Forcepoint CASB provides key features such as cloud application discovery, cloud application risk scoring, data classification, user Forcepoint | and application governance, real-time activity McAfee MVISION Cloud CASB https.//www.mcofee.com https//www.mcofee.com monitoring/analytics, automatic anomaly detection, data loss prevention, and integration with third-party solutions o Cisco Cloudlock https://www.cisco.com Bitglass Cloud Security https.//www.bitglass.com =21 21 — Microsoft Cloud App Security https//www.microsoft.com https.//www.microsoft.com | | |I - @ P - () (l) ForticAss FortiCASB https//www.fortinet.com Forcepoint CASB User Risk Dashboard https://www.forcepoint.com I Copyright © by by | L All Rights Rights Reserved. Reproduction ReproductionIs Strictly Prohibited. CASB Solutions = Forcepoint CASB Source: https://www.forcepoint.com Forcepoint CASB provides complete security for all cloud applications. Its key features include cloud application discovery, cloud application risk scoring, data classification, user and application governance, real-time activity monitoring/analytics, automatic anomaly detection, data loss prevention, and integration with third-party solutions. User Rjsa Riss DI‘IN‘U\' Dashooard 8 USERS USERS AT AT RISK RISK oADMINCE |- NOR ADMN ¢ UATRY [0} 6 | 2 v [@ Wt ®@ Ol =i O —1 a — [e~oneum] == [omme— ] l[ [ | I] ser e omn @ @ -e, e e a—> Figure 10.69: Screenshot of Forcepoint CASB User Risk Dashboard Module 10 Page 1391 EC-Council Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Certified Cybersecurity Technician Technician Exam 212-82 Exam 212-82 Virtualization and Cloud Computing Virtualization Computing Additional CASB solutions include the following: = McAfee McAfee MVISION Cloud (https.//www.mcafee.com) (https://www.mcafee.com) = (Cisco Cloudlock (https.//www.cisco.com) = Bitglass Cloud Security (https://www.bitglass.com) = Microsoft Microsoft Cloud App Security (https://www.microsoft.com) = FortiCASB FortiCASB (https.//www.fortinet.com) Module Module 10 Page 1392 Certified Certified Cybersecurity Cybersecurity Technician Technician Copyright ©© by EC-Gouncil EG-Gomncil All Reproduction isis Strictly Prohibited. All Rights Reserved. Reproduction Prohibited. Certified Cybersecurity Technician Exam 212-82 Virtualization and Cloud Computing Next-Generation Secure Web Gateway (NG SWG) NG SWG is a cloud-based security solution that protects an organization’s network from cloud-based threats, malware infections, and data theft activities and allows clients to securely access cloud services X @) | ( TN e H ]. (™ NG SWG Solutions........... NANY, ‘ O wecen Netskope Next Gen Secure https://www.netskope.com 1211100 g : ,@JI?A £ N::NG; 'y oLP ‘>........... [} o MVISION UCE..... https://www.mcafee.com \ °’

Use Quizgecko on...
Browser
Browser