CompTIA Security+ SY0-601 – Question368

A company received a "right to be forgotten" request. To legally comply, the company must remove data related
to the requester from its systems. Which of the following is the company MOST likely complying with?


A.
NIST CSF
B. GDPR
C. PCI DSS
D. ISO 27001

Correct Answer: B