CompTIA PenTest+ (PT0-002) — Question 184
Which of the following compliance requirements would be BEST suited to an environment that processes credit card data?
Answer options
- A. PCI DSS
- B. ISO 27001
- C. SOX
- D. GDPR
Correct answer: A
Explanation
The best compliance standard for environments dealing with credit card data is PCI DSS, as it specifically addresses the security requirements for payment card information. ISO 27001 focuses on information security management systems in general, SOX pertains to financial reporting, and GDPR regulates data protection and privacy for individuals in the EU, none of which are tailored for credit card processing.