CompTIA SecurityX (CAS-005) — Question 194

A security officer performs due diligence activities before implementing a third-party solution into the enterprise environment. The security officer needs evidence from the third party that a data subject access request handling process is in place. Which of the following is the security officer most likely seeking to maintain compliance?

Answer options

• A. Information security standards
• B. E-discovery requirements
• C. Privacy regulations
• D. Certification requirements
• E. Reporting frameworks

Correct answer: C

Explanation

The security officer is seeking to ensure compliance with Privacy regulations, which govern how personal data is managed, including the handling of data subject access requests. The other options, while relevant to security and compliance, do not specifically address the requirements associated with managing personal data requests.