Which of the following is the MOST appropriate?

A business unit of a large enterprise has outsourced the hosting and development of a new external website
which will be accessed by premium customers, in order to speed up the time to market timeline. Which of the
following is the MOST appropriate?

A business unit of a large enterprise has outsourced the hosting and development of a new external website
which will be accessed by premium customers, in order to speed up the time to market timeline. Which of the
following is the MOST appropriate?

A.
The external party providing the hosting and website development should be obligated under contract to
provide a secure service which is regularly tested (vulnerability and penetration). SLAs should be in place
for the resolution of newly identified vulnerabilities and a guaranteed uptime.

B.
The use of external organizations to provide hosting and web development services is not recommended as
the costs are typically higher than what can be achieved internally. In addition, compliance with privacy
regulations becomes more complex and guaranteed uptimes are difficult to track and measure.

C.
Outsourcing transfers all the risk to the third party. An SLA should be in place for the resolution of newly
identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

D.
Outsourcing transfers the risk to the third party, thereby minimizing the cost and any legal obligations. An
MOU should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability
testing should be conducted regularly.



Leave a Reply 0

Your email address will not be published. Required fields are marked *