CompTIA CySA+ (CS0-002) — Question 292

A Chief Executive Officer (CEO) is concerned the company will be exposed to data sovereignty issues as a result of some new privacy regulations. To help mitigate this risk, the Chief Information Security Officer (CISO) wants to implement an appropriate technical control. Which of the following would meet the requirement?

Answer options

• A. Data masking procedures
• B. Enhanced encryption functions
• C. Regular business impact analysis functions
• D. Geographic access requirements

Correct answer: D

Explanation

Geographic access requirements help ensure that data is only accessed within specific jurisdictions, thus addressing data sovereignty concerns. While data masking and encryption enhance data protection, they do not specifically resolve issues related to where data is stored or accessed. Regular business impact analysis functions are important for understanding risks but do not provide a direct technical control for sovereignty compliance.