Certified Cloud Security Professional (CCSP) — Question 98

Which of the following is the best example of a key component of regulated PII?

Answer options

• A. Audit rights of subcontractors
• B. Items that should be implemented
• C. PCI DSS
• D. Mandatory breach reporting

Correct answer: D

Explanation

The correct answer, D, is essential because mandatory breach reporting is a key requirement in many regulations governing PII, ensuring that individuals are informed of potential data breaches. The other options, while relevant to data security and management, do not specifically denote a core component of regulated PII in the same way that breach reporting does.