🔥 3-day streak
CompTIA SecurityX (CAS-005)95 / 120
Question 95 of 120

A financial services company relies on three critical SaaS vendors for payment processing, fraud detection, and customer identity verification. During an annual third-party risk review, the risk manager discovers that all three vendors host their production workloads with the same single cloud infrastructure provider in the same geographic region. Each individual vendor has strong SOC 2 Type II reports and acceptable individual risk scores. Which risk should the risk manager escalate as the MOST significant finding?

Reviewed for accuracy · Report an issueNext question