CompTIA CASP+ (CAS-004) — Question 522

A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)

Answer options

• A. Inform users regarding what data is stored.
• B. Provide opt-in/out for marketing messages.
• C. Provide data deletion capabilities.
• D. Provide optional data encryption.
• E. Grant data access to third parties.
• F. Provide alternative authentication techniques.

Correct answer: A, C

Explanation

The correct answers, A and C, are essential for GDPR compliance as they ensure users are informed about their data and can request its deletion. Options B, D, E, and F do not directly address the core principles of GDPR that focus on user consent and control over personal data.