In order to save money, a company has moved its data to the cloud with a low-cost provider. The company did not perform a security review prior to the move; however, the company requires all of its data to be stored within the country where the headquarters is located. A new employee on the security team has been asked to evaluate the current provider against the most important requirements. The current cloud provider that the company is using offers:
•	Only multitenant cloud hosting
•	Minimal physical security
•	Few access controls
•	No access to the data center
The following information has been uncovered:
•	The company is located in a known floodplain. which flooded last year.
•	Government regulations require data to be stored within the country.
Which of the following should be addressed FIRST?

A. Update the disaster recovery plan to account for natural disasters.

B. Establish a new memorandum of understanding with the cloud provider.

C. Establish a new service-level agreement with the cloud provider.

D. Provision services according to the appropriate legal requirements.








 

Suggested Answer: A

Community Answer: D



This question is in CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam
For getting CompTIA Advanced Security Practitioner (CASP+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.