CompTIA CASP+ (CAS-004) — Question 119
Which of the following is required for an organization to meet the ISO 27018 standard?
Answer options
- A. All PII must be encrypted.
- B. All network traffic must be inspected.
- C. GDPR equivalent standards must be met.
- D. COBIT equivalent standards must be met.
Correct answer: C
Explanation
To comply with ISO 27018, an organization must ensure that it meets GDPR equivalent standards, because the standard focuses on the protection of personally identifiable information (PII) in the cloud. The other options, while important for security, do not specifically address the requirements set forth by ISO 27018.