CompTIA Security+ (SYO-701) Obj 5

Which of the following BEST represents a primary goal when seeking evidence of internal audits from a third-party vendor? Options: Assessment of external threat landscape to reduce security vulnerabilities., Verification of compliance with internal security standards., Determination of the vendor's profit margins., Review of the vendor's client list.

Which agreement type outlines the specific services to be provided by the vendor, along with associated timelines and costs? Options: MSA, MOA, SOW, SLA

Which aspect of the vendor selection process is Jamario emphasizing when reviewing the potential vendor's past financial stability, customer reviews, and history of cybersecurity incidents?

Dion Training is considering a collaboration with a new IT service vendor. To ensure compliance and adherence to industry standards, Dion Training wishes to see verifiable evaluations of the vendor's security controls and practices. Which of the following would provide Dion Training with insights into the vendor's own internal evaluations of their security measures? External penetration test reports, Customer testimonials, Evidence of internal audits, Regulatory compliance certificates

What part of a BPA for mission essential functions provides a detailed, step-by-step description of the procedural tasks performed? Options: Hardware, Outputs, Process flow, Inputs

Which type of agreement defines the terms of a partnership between two organizations and how they will collaborate on specific projects or initiatives? Options: SLA, BPA, MSA, MOU

What type of agreement outlines security controls, availability requirements, and confidentiality clauses when a third-party vendor is hired for data storage? Options: Business Partnership Agreement (BPA), Memorandum of Understanding (MOU), Data Use Agreement (DUA), Service Level Agreement (SLA)

What type of agreement outlines security controls, availability requirements, and confidentiality clauses when a third-party vendor is hired for data storage? Options: Business Partnership Agreement (BPA), Memorandum of Understanding (MOU), Data Use Agreement (DUA), Service Level Agreement (SLA)

Why is it important for a company to conduct a supply chain analysis despite the costs?

What type of assessment should you do to evaluate the security measures and vulnerabilities of a company that offers goods or services? Options: Statement of Work, Vendor monitoring, Vendor assessment, Vendor selection