CompTIA
CAS-003 · Question #521
CAS-003 Question #521: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #521. The question stem and answer options stay visible for context.
Question
An infrastructure team within an energy organization is at the end of a procurement process and has selected a vendor's SaaS platform to deliver services. As part of the legal negotiation, there are a number of outstanding risks, including: 1. There are clauses that confirm a data retention period in line with what is in the energy organization's security policy. 2. The data will be hosted and managed outside of the energy organization's geographical location. The number of users accessing the system will be small, and no sensitive data will be hosted in the SaaS platform. Which of the following should the project's security consultant recommend as the NEXT step?
Options
- ADevelop a security exemption, as the solution does not meet the security policies of the energy
- BRequire a solution owner within the energy organization to accept the identified risks and
- CMititgate the risks by asking the vendor to accept the in-country privacy principles and modify the
- DReview the procurement process to determine the lessons learned in relation to discovering risks
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.