3d • 🙋♂️ CISSP
CISSP Practice Question (Domain 1: Security and Risk Management)
During a third-party risk assessment, you discover a critical SaaS vendor stores customer data in a jurisdiction that conflicts with your organization's data residency requirements. The vendor scores well on every other security benchmark. The contract renewal deadline is in two weeks. What should you do FIRST?
A. Require the vendor to migrate data to a compliant region before renewal
B. Engage legal counsel to assess regulatory exposure and contractual options
C. Renew the contract with an addendum requiring future data residency compliance
D. Begin evaluating alternative vendors that meet data residency requirements
Come back for the answer tomorrow, or study more now!
1
17 comments
CISSP Practice Question (Domain 1: Security and Risk Management)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+42
2
+32
3
+29
4
+29
5
+27
Powered by