A security team is engaging a third-party vendor to do a penetration test of a new proprietary application prior to its release. Which of the following documents would the third-party vendor MOST likely be required to review and sign?
The third-party vendor would most likely be required to review and sign a non-disclosure agreement (NDA) or confidentiality agreement. This document outlines the terms and conditions of the engagement, including the requirement for the vendor to keep all information about the proprietary application confidential and not to disclose any information about the test results or findings to any third parties.
Ans is B. Though I have spent quite a few minutes trying to justify my answer SLA with BAR, Perplexity AI and ChatGPT. Finally, I am convinced that NDA (Non-Disclosure Agreement) is chosen primarily for confidentiality over SLA (Service Level Agreement).
An SLA is a contract between two parties that defines the level of service that the vendor will provide. In this case, the vendor is the penetration testing company and the customer is the security team.
An NDA is a legal contract that protects confidential information. In this case, the confidential information would be the new proprietary application that is being tested. The NDA would typically include things like the definition of confidential information, the obligations of the parties to keep the information confidential, and the remedies for breach of the NDA.
An NDA is a legal contract that establishes confidentiality obligations between parties involved in a business relationship. In the context of engaging a third-party vendor for a penetration test, the NDA ensures that the vendor understands and agrees to keep any sensitive information, findings, or details about the proprietary application confidential. It prevents the vendor from disclosing or sharing any confidential information with unauthorized parties or using it for purposes other than the agreed-upon scope of the penetration test.
By signing the NDA, the third-party vendor acknowledges their responsibility to protect the confidential information they may come across during the penetration testing process and demonstrates their commitment to maintaining the privacy and security of the proprietary application and its related data.
Memorandum of understanding (MOU)
A memorandum of understanding (MOU) or memorandum of agreement (MOA) is an expression of agreement or aligned intent, will, or purpose between two entities. It is not typically a legal agreement or commitment, but rather a more formal form of a reciprocal agreement or handshake (neither of which is typically written down). An MOU can also be called a letter of intent. It is a means to document the specifics of an agreement or arrangement between two parties without necessarily legally binding them to the parameters of the document.