Which countermeasure mitigates the risk of a rogue cloud administrator?

The chosen answer—logging and monitoring—effectively mitigates the risk of a rogue cloud administrator by providing a robust mechanism for oversight and accountability. When logging and monitoring practices are in place, every action taken by users within the cloud environment is recorded. This allows for continuous surveillance of activities, enabling the detection of any unusual or unauthorized behaviors that could indicate malicious actions by an insider.

Additionally, logging creates an audit trail that can aid in investigations and compliance efforts. If a rogue administrator attempts to manipulate data or perform unauthorized actions, the logs will capture these activities, making them traceable and providing the necessary evidence for response actions.

In contrast, multifactor authentication primarily serves to prevent unauthorized access by requiring multiple forms of verification from a user. While this is crucial for securing access, it does not directly address actions taken after access has been granted.

Data encryption is essential for protecting data at rest and in transit, ensuring that even if unauthorized access occurs, the data remains secure. However, it does not provide visibility into administrative actions or potential misuse.

Platform orchestration is more about managing resources and automating deployments rather than monitoring or mitigating insider threats. It doesn’t inherently track administrator actions or alert on suspicious activities.

Thus, logging and monitoring create a comprehensive approach