A small clinic is moving its health and accounting systems to a SaaS solution. The clinic holds patient- and business-sensitive information. Which of the following is the company expected to do to protect its data?
A. Document, configure, and enforce strong account management policies.
B. Disable and document unneeded ports and protocols on the SaaS servers.
C. Install antivirus and disable unneeded services on all SaaS servers.
D. Harden the underlying infrastructure: servers, firewalls, and load balancers.
wrong answer and it is
A…
How is this possible? You don’t have access to the servers or the underlying infrastructure in a SaaS environment.