CompTIA CASP+ (CAS-003) — Question 325
A company has decided to move an ERP application to a public cloud vendor. The company wants to replicate some of its global policies from on premises to cloud. The policies include data encryption, token management, and limited user access to the ERP application. The Chief Information Officer (CIO) is mainly concerned about privileged accounts that might be compromised and used to alter data in the ERP application. Which of the following is the BEST option to meet the requirements?
Answer options
- A. Sandboxing
- B. CASB
- C. MFA
- D. Security as a service
Correct answer: D
Explanation
The best option is Security as a service because it provides a comprehensive security framework that can address data encryption, token management, and user access control, thereby protecting against the misuse of privileged accounts. Sandboxing primarily isolates applications to prevent malware infections but does not directly address account security. CASB helps in monitoring cloud services but may not offer the same level of comprehensive security. MFA is important for user authentication but does not encompass the broader security needs outlined in the scenario.