Free CompTIA SecurityX / CASP+ CAS-005 Actual Exam Questions - Question 12 Discussion
A cloud engineer needs to identify appropriate solutions to:
• Provide secure access to internal and external cloud resources.
• Eliminate split-tunnel traffic flows.
•Enable identity and access management capabilities.
Which of the following solutions arc the most appropriate? (Select two).
C, F. SASE definitely tackles the split-tunnel issue by integrating secure networking and access in one framework. For identity and access management across different clouds and external resources, CASB makes sense since it provides visibility and control specifically over cloud apps and services, which fits better than Federation here. Federation mostly handles single sign-on but doesn’t cover cloud app security or traffic flow control like CASB does. So pairing CASB with SASE seems like a solid combo for the requirements.
I’m with F for sure, since SASE integrates networking and security to kill split-tunnel issues. Instead of Federation, I’d pick D (PAM) because managing privileged access is crucial for internal resources and helps tighten identity controls beyond just single sign-on. So F plus D feels like the right combo here.
I agree F is key to fix split-tunnel problems since SASE combines networking and security. For the IAM part, I’d pick A (Federation) because it lets users access both internal and external resources with one identity, which fits the secure access and management needs better than just CASB or PAM. So, F and A make the most sense here.
C/F? Not sure if CASB covers everything here or just part.