Which of the following most likely explains the choice to use a proxy-based CASB?

A security architect for a global organization with a distributed workforce recently received funding lo deploy a CASB solution.

Which of the following most likely explains the choice to use a proxy-based CASB?
A . The capability to block unapproved applications and services is possible
B . Privacy compliance obligations are bypassed when using a user-based deployment.
C . Protecting and regularly rotating API secret keys requires a significant time commitment
D . Corporate devices cannot receive certificates when not connected to on-premises devices

View Answer

Answer: A

Explanation:

A proxy-based Cloud Access Security Broker (CASB) is chosen primarily for its ability to block unapproved applications and services. Here’s why:

Application and Service Control: Proxy-based CASBs can monitor and control the use of applications and services by inspecting traffic as it passes through the proxy. This allows the organization to enforce policies that block unapproved applications and services, ensuring compliance with security policies.

Visibility and Monitoring: By routing traffic through the proxy, the CASB can provide detailed visibility into user activities and data flows, enabling better monitoring and threat detection.

Real-Time Protection: Proxy-based CASBs can provide real-time protection against threats by analyzing and controlling traffic before it reaches the end user, thus preventing the use of risky applications and services.

References:

CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl

NIST Special Publication 800-125: Guide to Security for Full Virtualization Technologies

Gartner CASB Market Guide