Regulatory Compliance — CompTIA CySA+ (CS0-003) Practice Questions
Regulatory compliance in a security context refers to an organization's obligation to meet the data protection and security requirements imposed by laws and frameworks such as HIPAA, PCI DSS, GDPR, and SOX. The CySA+ exam expects analysts to understand how compliance requirements influence security controls, logging retention policies, incident response timelines, and breach notification obligations. Analysts must be able to map security findings to compliance gaps and communicate risk in terms that satisfy both technical and legal stakeholders.
Free questions on regulatory compliance
A security analyst needs to report a data breach affecting 50,000 customers to executives and regulatory bodies. Which information should be prioritized in the initial notification?
Free question · medium · full answer + explanation
More regulatory compliance questions in the full bank
- A company faces regulatory requirements to report data breaches within 72 hours. An incident was discovered 60 hours ago but investigation is still ongoing. What should the organization do?
- Your incident response must meet regulatory timelines. What is needed?