All staff at a company have started working remotely due to a global pandemic. To transition to remote work, the company has migrated to SaaS collaboration tools. The human resources department wants to use these tools to process sensitive information but is concerned the data could be:

Leaked to the media via printing of the documents

Sent to a personal email address

Accessed and viewed by systems administrators

Uploaded to a file storage site

Which of the following would mitigate the department's concerns?

Options:
A. Data loss detection, reverse proxy, EDR, and PGP
B. VDI, proxy, CASB, and DRM
C. Watermarking, forward proxy, DLP, and MFA
D. Proxy, secure VPN, endpoint encryption, and AV

A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:

Only users with corporate-owned devices can directly access servers hosted by the cloud provider.

The company can control what SaaS applications each individual user can access.

User browser activity can be monitored.

Which of the following solutions would BEST meet these requirements?

Options: A IAM gateway, MDM, and reverse proxy
B VPN, CASB, and secure web gateway
C SSL tunnel, DLP, and host-based firewall
D API gateway, UEM, and forward proxy

B or D ????

A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:

Only users with corporate-owned devices can directly access servers hosted by the cloud provider.

The company can control what SaaS applications each individual user can access.

User browser activity can be monitored.

Which of the following solutions would BEST meet these requirements?

Options: 

A IAM gateway, MDM, and reverse proxy
B VPN, CASB, and secure web gateway
C SSL tunnel, DLP, and host-based firewall
D API gateway, UEM, and forward proxy

i think the answer is option C ? but need a validation 

A company is outsourcing to an MSSP that performs managed detection and response services. The MSSP requires a server to be placed inside the network as a log aggregate and allows remote access to MSSP analyst. Critical devices send logs to the log aggregator, where data is stored for 12 months locally before being archived to a multitenant cloud. The data is then sent from the log aggregate to a public IP address in the MSSP datacenter for analysis.

A security engineer is concerned about the security of the solution and notes the following.

* The critical devise send cleartext logs to the aggregator.

* The log aggregator utilize full disk encryption.

* The log aggregator sends to the analysis server via port 80.

* MSSP analysis utilize an SSL VPN with MFA to access the log aggregator remotely.

* The data is compressed and encrypted prior to being achieved in the cloud.

Which of the following should be the engineer's GREATEST concern?

Options:

A Hardware vulnerabilities introduced by the log aggregate server
B Network bridging from a remote access VPN
C Encryption of data in transit
D Multinancy and data remnants in the cloud