CompTIA Security+ (SY0-701) — Question 508

Which of the following is the fastest and most cost-effective way to confirm a third-party supplier's compliance with security obligations?

Answer options

• A. Attestation report
• B. Third-party audit
• C. Vulnerability assessment
• D. Penetration testing

Correct answer: A

Explanation

An attestation report provides a concise summary of a third-party supplier's compliance status, making it a swift and cost-effective option. In contrast, a third-party audit, vulnerability assessment, and penetration testing typically require more time and resources to conduct, thus making them less efficient for confirming compliance.