During the procurement phase for new computing resources, what is the BEST practice to ensure their security while integrating into the organization's existing infrastructure?
Conducting a security review of the vendor and their products
The correct answer is 'Conducting a security review of the vendor and their products', because ensuring the security of computing resources begins with a thorough evaluation of the vendors and their offerings. This evaluation should cover the vendor's security policies, compliance with relevant standards, and the security features of the products they are providing. Reviewing vendor security practices mitigates the risk of introducing vulnerabilities into the network through third-party products or services. 'Checking compatibility with current systems' is also a step in the process, but it does not directly strengthen security. 'Choosing products with the newest features' or 'Negotiating the lowest cost for products' may be important from a functionality or budget perspective, but they do not necessarily reflect the security posture of the products or the vendor.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What specific factors should be included in a security review of a vendor?
Open an interactive chat with Bash
Why is evaluating a vendor's security important during procurement?
Open an interactive chat with Bash
What are some consequences of not conducting a vendor security review?