Certified Ethical Hacker (CEH v12) — Question 201

As a cybersecurity consultant, you are working with a client who wants to migrate their data to a Software as a Service (SaaS) cloud environment. They are particularly concerned about maintaining the privacy of their sensitive data, even from the cloud service provider. Which of the following strategies would best ensure the privacy of their data in the SaaS environment?

Answer options

• A. Implement a Virtual Private Network (VPN) for accessing the SaaS applications.
• B. Rely on the cloud service provider's built-in security features.
• C. Encrypt the data client-side before uploading to the SaaS environment and manage encryption keys independently.
• D. Use multi-factor authentication for all user accounts accessing the SaaS applications

Correct answer: C

Explanation

The correct answer is C because encrypting data client-side before uploading ensures that even the cloud service provider cannot access the sensitive information without the encryption keys. Options A and D provide additional security measures but do not directly address data privacy from the provider. Option B is insufficient because it relies solely on the provider's security, which may not guarantee the privacy of sensitive data.