Compliance — CompTIA Security+ (SY0-701) Practice Questions
Compliance in the Security+ context means adhering to laws, regulations, standards, and internal policies that govern how an organization protects data and manages risk. The SY0-701 exam tests knowledge of major compliance frameworks including PCI DSS, HIPAA, SOX, and GDPR, as well as how security controls map to those requirements. Understanding compliance helps security professionals prioritize controls and demonstrate due diligence to auditors and regulators. Non-compliance can expose organizations to financial penalties, legal liability, and loss of business relationships.
Free questions on compliance
Which compliance regulation specifically requires organizations to report data breaches involving personal information of US residents?
More compliance questions in the full bank
- A forensics investigation requires preservation of email evidence for potential legal action. What process ensures that evidence is not altered or destroyed?
- A company must comply with a regulatory requirement to implement encryption for all sensitive data at rest and in transit. Sensitive data includes customer PII, health information, and financial records. Where should encryption be FIRST prioritized?
- What is a security policy and why is it essential?