CompTIA Security+ (SY0-701) — Question 261

Which of the following addresses individual rights such as the right to be informed, the right of access, and the right to be forgotten?

Answer options

• A. GDPR
• B. PCI DSS
• C. NIST
• D. ISO

Correct answer: A

Explanation

The General Data Protection Regulation (GDPR) specifically addresses individual rights regarding personal data, including the right to be informed, the right of access, and the right to be forgotten. Other options like PCI DSS focus on payment card security, while NIST and ISO provide guidelines and standards that do not specifically address individual data rights.