Your company is planning to migrate its customer relationship management (CRM) system to a Software as a Service (SaaS) provider. As a cybersecurity architect, you are tasked with specifying the security requirements for this SaaS service to ensure compliance with industry standards and protect sensitive customer data. The solution must address multi-factor authentication, data encryption at rest and in transit, regular security audits, and a clear incident response plan. Considering these requirements, which of the following approaches BEST ensures the security of the SaaS service? (Choose one.)
Explanation:
The BEST approach is to specify comprehensive security baselines for the SaaS service, as this ensures that all aspects of security, including access control, data protection, and incident response, are tailored to meet your company's specific needs and compliance requirements. While the SaaS provider may offer some level of security, relying solely on their measures without defining your own requirements can lead to vulnerabilities. Securing only the network and endpoints or implementing minimal security measures does not provide a holistic security solution for the SaaS service.