Exam 350-701 topic 1 question 343 discussion

C. Application security gateway. To secure SaaS-based applications, an application security gateway must be enabled. This is a security solution that sits between the user and the SaaS application, providing a secure connection and monitoring traffic to ensure that it meets security policies. Two-factor authentication (A) is a security measure that adds an extra layer of authentication to access a system or application, but it alone is not sufficient to secure SaaS-based applications. End-to-end encryption (B) can also be an important security measure for SaaS-based applications, but it is typically used to protect data in transit, rather than securing the SaaS application itself.

I that would an option, then I would go for Cisco cloud lock, or Cisco secure access, but none of these are listed. In this case, Cisco application security gateway seems to be the closest. This solution safeguards cloud applications based on this article. https://www.cisco.com/site/us/en/products/security/cloud-application-security/index.html

Answer a

Answer a

I agree both A & B are correct answers but given SaaS implies my data is traversing the Internet I'll choose encrypting my data before securing the login with a second factor.

B is a must, so B it is

Now this is a good one lol... Securing SaaS-based applications typically require a combination of security measures - making options A-C all valid in the grand scheme of things, but of course, we must select the BEST possible answer for this question. I would eliminate C for starters - Although an application security gateway provides a more comprehensive solution than options A & B because it provides a centralized point for monitoring and controlling access to SaaS-based applications, it is also a functionality that should be primarily provided by your vendor. Now this is where it gets interesting because options A & B are BOTH valid solutions to securing SaaS applications and can be implemented at the CUSTOMER level. If I had to choose, however, I would go with Option A. According to Cisco DUO's website - phishing is not only a common security threat, but it is also the #1 cause of security breaches. See link below: https://duo.com/solutions/phishing-prevention

I would go with A.

Keeping this here: https://www.cyberark.com/what-is/app-gateway/

I would have to say A. SaaS is like Office365. An organization doesn't own the underling infrastructure to put in a ALG or MPF. HTTPS is enabled by default. So the only logical choice is MFA.

The answer is definitely A. Cannot be C because in a SaaS environment, the provider is responsible for the network infrastructure, security, and the application. The client is only responsible for the data and the people, which makes A the most sensible choice.

The following practices are recommended for securing SaaS environments and assets: 1. Enhanced Authentication 2. Data Encryption ... Therefore the best answer is A https://www.cynet.com/sspm/saas-security-the-challenge-and-7-critical-best-practices/

https://www.strongdm.com/what-is/application-gateway#:~:text=An%20application%20gateway%20is%20a%20security%20measure%20that,services%20with%20the%20login%20credentials%20for%20the%20app. What is an Application Gateway (App Gateway)? An application gateway is a security measure that protects web applications. They replace traditional web applications that require the same login credentials as the data center. Instead, users access application gateways through mobile apps and cloud services with the login credentials for the app.

Obviously it's C

What about ? Application Security Gateway - As it provides multiple security measures such as firewall protection, intrusion detection and prevention, and SSL decryption, all in one solution, an application security gateway is a comprehensive solution to securing SaaS-based applications. By acting as a mediator between the application and the network, it can help ensure that sensitive data is protected while in transit and at rest.

https://www.getastra.com/blog/cms/saas-security-guide/

probably B