CompTIA CySA+ (CS0-002) — Question 371

A company recently experienced a breach of sensitive information that affects customers across multiple geographical regions. Which of the following roles would be BEST suited to determine the breach notification requirements?

Answer options

• A. Legal counsel
• B. Chief Security Officer
• C. Human resources
• D. Law enforcement

Correct answer: A

Explanation

Legal counsel is best suited to determine breach notification requirements because they are knowledgeable about laws and regulations regarding data breaches across different jurisdictions. The Chief Security Officer focuses on security measures rather than legal compliance, Human Resources deals with employee-related issues, and Law enforcement is involved in investigations but not in breach notification obligations.