CompTIA Exam CS0-002 Topic 8 Question 2 Discussion

Actual exam question for CompTIA's CS0-002 exam

Question #: 2
Topic #: 8

A compliance officer of a large organization has reviewed the firm's vendor management program but has discovered there are no controls defined to evaluate third-party risk or hardware source authenticity. The compliance officer wants to gain some level of assurance on a recurring basis regarding the implementation of controls by third parties.

Which of the following would BEST satisfy the objectives defined by the compliance officer? (Choose two.)

AExecuting vendor compliance assessments against the organization's security controls

BExecuting NDAs prior to sharing critical data with third parties

CSoliciting third-party audit reports on an annual basis

DMaintaining and reviewing the organizational risk assessment on a quarterly basis

ECompleting a business impact assessment for all critical service providers

FUtilizing DLP capabilities at both the endpoint and perimeter levels

Show Suggested Answer

Suggested Answer: A, C

by Pamella at May 03, 2022, 01:18 PM

Limited Time Offer

25%

Off

Get Premium CS0-002 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!