Chapter 10 - 03 - Discuss the Insights of Cloud Security and Best Practices - 11_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Virtualization and Cloud Computing

Cloud Access Security Broker (CASB)
O Cloud Access Security Brokers (CASBs) are on-premise or cloud-hosted solutions responsible for
enforcing security, compliance, and governance policies for the cloud applications
O CASBs are placed between the cloud service consumers and service providers

QO Azure security services includes CASB functionality

Computer

Y
@ Visibility
Enterprise integration & Compliance APl access
Wescsicstiesnsstnasiinnnes 'Y N BT >
© Data Security
Mobile © Threat Protection

Organization Cloud Services

Copyright © by AL All Rights Reserved. Reproductionis Strictly Prohibited

Cloud Access Security Broker (CASB)
Cloud access security brokers (CASBs) are on-premise or cloud-hosted solutions. They are
responsible for enforcing security, compliance, and governance policies in the cloud
applications. A CASB is located between the on-premise infrastructure of an organization and
the infrastructure of a cloud provider. It acts as a gatekeeper that enables organizations to
extend their security policies beyond their own infrastructure.

Features of CASB

= Visibility into cloud usage
It finds shadow IT cloud services and provides visibility into the user activities with the
allowed cloud applications.
= Data security

It enforces data-centric security encryption, tokenization, access control, and
information rights management.

*= Threat protection

It detects and respondsto malicious insider threats, privileged user threats, and
compromised accounts.
= Compliance
It discovers critical data in the cloud and enforces DLP policies to satisfy the data
residency and compliance requirements.

Module 10 Page 1389 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Virtualization and Cloud Computing

CASBs offer the following:
Firewalls to identify malware, thereby preventing the malware from entering the
enterprise network.

Authentication for user credentials, ensuring that only the allowed users can access the
required organizational resources.
WAFs to prevent malware from breaching security at the application level instead of the
network level.
DLP prevents users from transferring critical information outside the organization.

How CASBs work:

A CASB works by
Ensuring network traffic between on-premise devices and the cloud provider complies
with the organizational security policies.
Provides insights into the use of cloud applications across cloud platforms and identifies
unsanctioned use.
Uses auto-discovery to identify
o Cloud applications in use
o High-risk applications
o High-risk users
Enforcing different security access controls such as encryption and device profiling.
Providing services such as credential mapping when SSO is not available.

-]
CIISY
EHIRNISY Visibility
Enterprise integration Compliance API access
Wrrasssnssssassaessessesp
Wrrasssnssssassaessesesp
@ Bl gesssasrsasinatsnsinnanns
gesssasrsasinatanatnnanns »
Data Security
Mobile Threat Protection

PaasS

CASB
Organization Cloud Services

Figure 10.68: Cloud access security broker (CASB)

Module 10 Page 1390 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Virtualization and Cloud Computing

CASB Solutions
Forcepoint CASB provides key features such as cloud application
discovery, cloud application risk scoring, data classification, user
Forcepoint |
and application governance, real-time activity McAfee MVISION Cloud
CASB https.//www.mcofee.com
https//www.mcofee.com
monitoring/analytics, automatic anomaly detection, data loss
prevention, and integration with third-party solutions

o Cisco Cloudlock
https://www.cisco.com

Bitglass Cloud Security
https.//www.bitglass.com

=21 21
— Microsoft Cloud App Security
https//www.microsoft.com
https.//www.microsoft.com
| | |I - @

P
- ()
(l) ForticAss
FortiCASB
https//www.fortinet.com
Forcepoint CASB User Risk Dashboard https://www.forcepoint.com I

Copyright © by
by | L All Rights
Rights Reserved. Reproduction
ReproductionIs Strictly Prohibited.

CASB Solutions
= Forcepoint CASB

Source: https://www.forcepoint.com
Forcepoint CASB provides complete security for all cloud applications. Its key features
include cloud application discovery, cloud application risk scoring, data classification,
user and application governance, real-time activity monitoring/analytics, automatic
anomaly detection, data loss prevention, and integration with third-party solutions.

User Rjsa
Riss DI‘IN‘U\'
Dashooard

8
USERS
USERS AT
AT RISK
RISK oADMINCE |-
NOR ADMN ¢
UATRY [0}
6

| 2 v

[@ Wt ®@
Ol =i
O —1 a
—

[e~oneum] ==
[omme— ]

l[ [
| I] ser e omn @
@ -e,
e
e

a—>

Figure 10.69: Screenshot of Forcepoint CASB User Risk Dashboard

Module 10 Page 1391 EC-Council
Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity
Certified Cybersecurity Technician
Technician Exam 212-82
Exam 212-82
Virtualization and Cloud Computing
Virtualization Computing

Additional CASB solutions include the following:
= McAfee
McAfee MVISION Cloud (https.//www.mcafee.com)
(https://www.mcafee.com)
= (Cisco Cloudlock (https.//www.cisco.com)
= Bitglass Cloud Security (https://www.bitglass.com)
= Microsoft
Microsoft Cloud App Security (https://www.microsoft.com)
= FortiCASB
FortiCASB (https.//www.fortinet.com)

Module
Module 10 Page 1392 Certified
Certified Cybersecurity
Cybersecurity Technician
Technician Copyright ©© by EC-Gouncil
EG-Gomncil
All Reproduction isis Strictly Prohibited.
All Rights Reserved. Reproduction Prohibited.
Certified Cybersecurity Technician Exam 212-82
Virtualization and Cloud Computing

Next-Generation Secure Web Gateway (NG SWG)

NG SWG is a cloud-based security solution that protects an organization’s network from cloud-based
threats, malware infections, and data theft activities and allows clients to securely access cloud services

X @) |
( TN e H
]. (™ NG SWG Solutions...........
NANY, ‘
O wecen
Netskope Next Gen Secure

https://www.netskope.com
1211100 g :
,@JI?A £ N::NG; 'y oLP ‘>........... [} o MVISION UCE..... https://www.mcafee.com

\ °’