CompTIA Security+ SY0-701 Practice Question

Your company is entering into a partnership with a third-party vendor to outsource the processing of customer data. The vendor will handle sensitive financial records. As the company's information security manager responsible for maintaining data security and compliance, you want to ensure you have the ability to verify the vendor's adherence to industry standards and regulatory requirements. Which of the following should you make sure is incorporated into the vendor contract?

  • A clause that solely restricts the types of data the vendor can process, without providing audit rights

  • A clause that exclusively requires the vendor to utilize encryption for all stored data without mention of audit rights

  • A clause that mandates the vendor to provide annual security awareness training to their employees

  • A clause that allows your organization to conduct regular audits of the vendor's security measures to ensure compliance

CompTIA Security+ SY0-701
Security Program Management and Oversight
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot