CompTIA Security+ (SY0-701) — Question 262

Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?

Answer options

• A. Compliance reporting
• B. GDPR
• C. Due diligence
• D. Attestation

Correct answer: C

Explanation

The correct answer is C, due diligence, as it refers to the thorough investigation into laws and regulations pertinent to information security in a given industry. Options A and D are related to reporting and validation processes rather than research, while B specifically refers to the General Data Protection Regulation, which is just one aspect of compliance rather than a comprehensive practice.