GIAC Security Leadership Certification (GSLC) — Question 18

What common standard is used to determine whether existing PII security controls and privacy policies are adequate?

Answer options

• A. Best in class
• B. Criminal intent
• C. Reasonable means
• D. Spirit of the law

Correct answer: A

Explanation

The correct answer, 'Best in class', refers to the industry standards that define the highest levels of security and privacy practices. The other options, such as 'Criminal intent', 'Reasonable means', and 'Spirit of the law', do not serve as benchmarks for evaluating PII controls and privacy policies.