Refer to the exhibit. An engineer must enable access to Salesforce using Cisco Umbrella and Cisco Cloudlock. These actions were performed: * From Salesforce, add the Cloudlock IP address to the allow list * From Cloudlock, authorize Salesforce However, Salesforce access via Cloudlock is still unauthorized. What should be done to meet the requirements?
Correct Answer: B
When integrating Cisco Cloudlock with SaaS platforms like Salesforce, two core authorizations are required: network access and API authorization. In the scenario, Cloudlock has been authorized in Salesforce, and its IP has been allow-listed. However, if access is still denied, the most likely cause is that Salesforce has not been configured to accept traffic from Cloudlock's IP range - a process handled from the Salesforce admin panel. To resolve the issue, network access must be explicitly granted to Cloudlock from within Salesforce. This ensures that Salesforce accepts requests initiated by Cloudlock for monitoring and enforcement. Reference: Designing and Implementing Secure Cloud Access for Users and Endpoints (SCAZT), Section 4: Application and Data Security, Pages 85-87. Also supported by Cisco Cloudlock for Salesforce Deployment Guide.
Question 27
To effectively manage a compromised system, it's important to first _________ the threat to stop its spread.
Correct Answer: B
Question 28
The role of a reverse proxy in cloud security includes:
Correct Answer: D
Question 29
Which of the following are purposes of URL filtering in controlling access to cloud applications?
