Certified Ethical Hacker (CEH v11) — Question 286

What information security law or standard aims at protecting stakeholders and the general public from accounting errors and fraudulent activities within organizations?

Answer options

• A. FISMA
• B. PCI-DSS
• C. SOX
• D. ISO/IEC 27001:2013

Correct answer: C

Explanation

The correct answer is C, SOX, which establishes requirements to enhance financial transparency and accountability, thereby protecting stakeholders. A, FISMA, focuses on federal information security, B, PCI-DSS, is related to payment card data security, and D, ISO/IEC 27001:2013, pertains to overall information security management systems, none of which specifically target accounting practices.