Exam SY0-701 topic 1 question 355 discussion

Actual exam question from CompTIA's SY0-701
Question #: 355
Topic #: 1

Several customers want an organization to verify its security controls are operating effectively and have requested an independent opinion. Which of the following is the most efficient way to address these requests?

  • A. Hire a vendor to perform a penetration test
  • B. Perform an annual self-assessment.
  • C. Allow each client the right to audit
  • D. Provide a third-party attestation report
Suggested Answer: D

Comments

e2ba0ff
5 months, 1 week ago
Selected Answer: D
Attestation in Audits
  • In internal audits, attestation evaluates organizational compliance, effectiveness of internal controls, and adherence to policies and procedures
  • In external audits, third-party entities provide attestation on financial statements, regulatory compliance, and operational efficiency
  • Attestation builds trust, enhances transparency, ensures accountability, and is essential for stakeholders in making informed decisions
upvoted 1 times
Fourgehan
5 months, 1 week ago
Selected Answer: D
A third-party attestation report is a formal assessment conducted by an independent auditor to evaluate and verify an organization's security controls. Common examples include SOC 2 (System and Organization Controls) reports or ISO 27001 certifications. This is the most efficient way to address multiple customer requests because:
  • Efficiency: A single report can be shared with multiple customers, eliminating the need for individual audits or assessments by each client.
  • Credibility: Third-party attestation is more credible than a self-assessment or internal audit because it is performed by an independent and recognized entity.
  • Comprehensive: Such reports are designed to provide detailed insights into the organization’s control effectiveness across various domains, such as security, availability, confidentiality, processing integrity, and privacy.
upvoted 1 times