CompTIA Security+ (SY0-501) — Question 31
An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data.
In which of the following documents would this concern MOST likely be addressed?
Answer options
- A. Service level agreement
- B. Interconnection security agreement
- C. Non-disclosure agreement
- D. Business process analysis
Correct answer: A
Explanation
The correct answer is A, as a Service Level Agreement (SLA) typically includes details about the security measures and controls the service provider must implement to safeguard customer data. The other options, while important in various contexts, do not primarily focus on the administrative and logical controls necessary for protecting sensitive information.