Q: What is a CASB?
A: A Cloud Access Security Broker (CASB) is a policy enforcement point that secures data & apps in the cloud and on any device, anywhere.
Glass Class - What Is a CASB?
Q: What is Zero Trust?
The zero trust framework arose in 2010 (with Forrester leading the charge) as a response to prior, inadequate approaches to security. Rather than relying entirely on a simplistic moat that cannot provide the needed protections, organizations leveraging zero trust frameworks deploy modern, intelligent security measures so they can granularly secure any and all corporate resources--wherever they reside and wherever they are accessed.
Q: What is SASE?
Secure Access Service Edge, or SASE (pronounced "sassy"), is an emerging cybersecurity concept that Gartner described in the August 2019 report The Future of Network Security in the Cloud.
In the SASE model, organizations can extend consistent security to all enterprise resources. From a single control point, security teams can configure policies that secure SaaS apps, control access to web destinations, identify shadow IT, and defend on-prem apps. Integrating SASE with SD-WAN also delivers consistent security across branch sites.
Q: What is data loss prevention (DLP)?
A: DLP refers to a number of capabilities which are designed to identify and protect sensitive data that needs to be shielded from unauthorized access and illegitimate usage. Modern DLP solutions must stop leakage across all interactions that may occur within the IT ecosystem, from the network, to the web, to the cloud, and beyond.
Q: What is the difference between security and management?
A: Security is preventing risky events from happening, management is cleaning up after high-risk events.
Q: What is Shadow IT?
A: Cloud applications used by business users without IT oversight, also known as unmanaged apps.
Q: What are managed apps?
A: Cloud Applications that are managed by IT, e.g.Office 365.
Q: What are the types of CASB?
A: Three types of Cloud Access Security Broker (a) API-only CASB offer basic management (b) multi-mode first-gen CASB offer management & security (c) Next-Gen CASB deliver management, security & Zero-Day protection.
Glass Class - The Evolution of CASBs
Q: What is a forward proxy?
A: A proxy where traffic must be forwarded by the end-point Such proxies require agents and configuration on client devices.
Q: What is a reverse proxy?
A: A proxy where traffic is automatically routed, requiring no agent or configuration on the end-point.
Glass Class - API vs. Proxy
Q: What is AJAX-VM?
Q: What are the types of CASB architecture?
A: There are three types of CASB architecture: API-only, forward proxy, and reverse proxy. Some CASB are API-only, others API and forward proxy. Next-Gen CASBs offer all three with AJAX-VM.
Q: What is CASB encryption?
A: Encryption/decryption of data prior to upload/download to a cloud application.
Q: What is searchable encryption?
A: An encryption system that combines full encryption with a clear-text index to enable search and sort without compromising encryption strength.
Q: What is tokenization?
A: Obfuscation by encoding each input string as a unique output string.
Q: What is agentless MDM?
A: Mobile security for BYOD that does not require agents. Easy to deploy and has no access to personal data or apps, thereby preserving user privacy.