CompTIA CySA+ (CS0-002) — Question 275

A manufacturing company uses a third-party service provider for Tier 1 security support. One of the requirements is that the provider must only source talent from its own country due to geopolitical and national security interests. Which of the following can the manufacturing company implement to ensure the third-party service provider meets this requirement?

Answer options

• A. Implement a secure supply chain program with governance.
• B. Implement blacklisting for IP addresses from outside the country
• C. Implement strong authentication controls for all contractors.
• D. Implement user behavior analytics for key staff members.

Correct answer: A

Explanation

The correct answer is A because implementing a secure supply chain program with governance helps ensure that the third-party provider adheres to national sourcing requirements. Options B and C focus on security measures that do not directly address the sourcing of talent, while option D pertains to monitoring behavior rather than enforcing hiring policies.