CompTIA Security+ SY0-601 – Question349

An information security manager for an organization is completing a PCI DSS self-assessment for the first time.
Which of the following is the MOST likely reason for this type of assessment?


A.
An international expansion project is currently underway.
B. Outside consultants utilize this tool to measure security maturity.
C. The organization is expecting to process credit card information.
D. A government regulator has requested this audit to be completed.

Correct Answer: C