CompTIA Security+ (SY0-501) — Question 329

An office manager found a folder that included documents with various types of data relating to corporate clients. The office manager notified the data included dates of birth, addresses, and phone numbers for the clients. The office manager then reported this finding to the security compliance officer. Which of the following portions of the policy would the security officer need to consult to determine if a breach has occurred?

Answer options

• A. Public
• B. Private
• C. PHI
• D. PII

Correct answer: D

Explanation

The correct answer is D, PII (Personally Identifiable Information), as the data includes details that can identify individual clients. Options A (Public) and B (Private) do not specifically address the nature of the data in question, and C (PHI) refers to Protected Health Information, which is not applicable in this context.