SY0-701 Question #884: Real Exam Question with Answer & Explanation

The correct answer is B: Third-party audit.

Submitted by packet_pusher · Mar 6, 2026 · Security program management and oversight

Question

A security analyst is reviewing the security of a SaaS application that the company intends to purchase. Which of the following documents should the security analyst request from the SaaS application vendor?

Options

  • A. Service-level agreement
  • B. Third-party audit
  • C. Statement of work
  • D. Data privacy agreement

Explanation

A third-party audit report (such as a SOC 2 report or an ISO 27001 certification) provides independent validation of the vendor’s security controls and assurance of its security posture.
