CompTIA Security+ (SY0-601) — Question 70

A company is auditing the manner in which its European customers' personal information is handled. Which of the following should the company consult?

Answer options

• A. GDPR
• B. ISO
• C. NIST
• D. PCI DSS

Correct answer: A

Explanation

The correct answer is GDPR, as it specifically governs the handling of personal information for individuals in the European Union. The other options, such as ISO and NIST, provide guidelines and standards but do not specifically address European data protection laws, while PCI DSS pertains to payment card information security.