An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with other cloud solutions via an API.
Which solution should be used to accomplish this goal?
- SIEM
- CASB
- Adaptive MFA
- Cisco Cloudlock
Answer(s): D
Explanation:
+ Cisco Cloudlock continuously monitors cloud environments with a cloud Data Loss Prevention (DLP) engine to identify sensitive information stored in cloud environments in violation of policy.
+ Cloudlock is API-based.
+ Incidents are a key resource in the Cisco Cloudlock application. They are triggered by the Cloudlock policy engine when a policy's detection criteria result in a match in an object (document, field, folder, post, or file).
Reference:
https://docs.umbrella.com/cloudlock-documentation/docs/endpoints
Note:
+ Security information and event management (SIEM) platforms collect log and event data from security systems, networks and computers, and turn it into actionable security insights.
+ An incident is a record of the triggering of an alerting policy. Cloud Monitoring opens an incident when a condition of an alerting policy has been met.