CompTIA Security+ SY0-601 – Question198

After a recent external audit, the compliance team provided a list of several non-compliant, in-scope hosts that
were not encrypting cardholder data at rest. Which of the following compliance frameworks would address the
compliance team's GREATEST concern?


A.
PCI DSS
B. GDPR
C. ISO 27001
D. NIST CSF

Correct Answer: A