CompTIA Security+ (SY0-601) — Question 51

A social media company based in North America is looking to expand into new global markets and needs to maintain compliance with international standards.
With which of the following is the company's data protection officer MOST likely concerned?

Answer options

• A. NIST Framework
• B. ISO 27001
• C. GDPR
• D. PCI-DSS

Correct answer: C

Explanation

The General Data Protection Regulation (GDPR) is a key regulation that governs data protection and privacy in the European Union, making it a primary concern for companies expanding internationally. While NIST Framework, ISO 27001, and PCI-DSS are important for various aspects of data security and compliance, GDPR specifically addresses data protection for individuals in the EU, which is critical for a global market expansion.