Certified Ethical Hacker (CEH v13) — Question 155

As a cybersecurity consultant, you are working with a client who wants to migrate their data to a Software as a Service (SaaS) cloud environment. They are particularly concerned about maintaining the privacy of their sensitive data, even from the cloud service provider. Which of the following strategies would best ensure the privacy of their data in the SaaS environment?

Answer options

• A. Implement a Virtual Private Network (VPN) for accessing the SaaS applications.
• B. Rely on the cloud service provider's built-in security features.
• C. Encrypt the data client-side before uploading to the SaaS environment and manage encryption keys independently.
• D. Use multi-factor authentication for all user accounts accessing the SaaS applications

Correct answer: C

Explanation

The correct answer is C because encrypting data client-side before uploading ensures that even the cloud service provider cannot access the sensitive information without the encryption keys. Option A, while improving security, does not address data privacy itself, and option B relies on the provider's security, which may not be sufficient. Option D enhances account security but does not directly protect data privacy.