CompTIA CySA+ (CS0-002) — Question 136

An analyst is participating in the solution analysis process for a cloud-hosted SIEM platform to centralize log monitoring and alerting capabilities in the SOC. Which of the following is the BEST approach for supply chain assessment when selecting a vendor?

Answer options

• A. Gather information from providers, including data center specifications and copies of audit reports
• B. Identify SLA requirements for monitoring and logging
• C. Consult with the senior management team for recommendations
• D. Perform a proof of concept to identify possible solutions

Correct answer: A

Explanation

Option A is the best choice because gathering information about data center specifications and audit reports allows for a thorough evaluation of the vendor's reliability and security practices. The other options, while important, do not focus on the critical supply chain assessment needed for vendor selection.