A security team will be outsourcing several key functions to a third party and will requi…

Question

A security team will be outsourcing several key functions to a third party and will require that: • Several of the functions will carry an audit burden • Attestations will be performed several times a year • Reports will be generated on a monthly basis Which of the following best describes the document that is used to define these requirements and stipulate how and when they are performed by the third party?

Accepted Answer

Correct answer: C. C. SLA — The correct answer is SLA (Service Level Agreement), as it specifically defines the expectations and responsibilities of the service provider regarding performance metrics and reporting requirements. MOU (Memorandum of Understanding) is more of a general agreement, AUP (Acceptable Use Policy) pertains to user conduct, and MSA (Master Service Agreement) outlines the overarching terms of service but does not detail specific performance metrics.

CompTIA Security+ (SY0-601) — Question 308

Answer options

Correct answer: C

Explanation