CompTIA Security+ (SY0-601) — Question 695

Which of the following organizations sets frameworks and controls for optimal security configuration on systems?

Answer options

• A. ISO
• B. GDPR
• C. PCI DSS
• D. NIST

Correct answer: D

Explanation

The correct answer is D, NIST, as it provides a comprehensive framework for security configurations. ISO and PCI DSS also offer standards, but they do not focus exclusively on security configuration frameworks like NIST does, while GDPR is primarily concerned with data protection and privacy regulations.