CompTIA CASP+ (CAS-004) — Question 398
A security analyst is investigating unapproved cloud services that are being used in the organization. Which of the following would best allow for discovery of shadow IT?
Answer options
- A. Monitoring for sign-up emails of cloud services
- B. Centralizing WAF deployment in the data center
- C. Setting up a reverse proxy and web filtering software
- D. Performing attack surface analysis
Correct answer: C
Explanation
Setting up a reverse proxy and web filtering software (C) can intercept and monitor all web traffic, making it easier to identify unauthorized cloud services. Monitoring for sign-up emails (A) may miss services that don't require email registration, while centralizing WAF deployment (B) does not directly address shadow IT detection. Performing attack surface analysis (D) is more about understanding vulnerabilities than about specifically discovering unapproved services.