CISSP Practice Question – Legal & Regulatory Compliance (Data Privacy)
A U.S.-based company provides cloud storage services to European customers. Personal data from EU citizens is processed and stored on servers located in the United States.
Under the EU General Data Protection Regulation (GDPR), what is the PRIMARY legal requirement before transferring this data outside the EU?
A. Encrypt the data before transmitting it to ensure confidentiality in transit.
B. Notify EU supervisory authorities within 72 hours of each cross-border data transfer.
C. Establish an approved transfer mechanism such as Standard Contractual Clauses or Binding Corporate Rules.
D. Obtain the explicit consent of every data subject prior to data transfer.
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group