CISSP · Question #590
CISSP Question #590: Real Exam Question with Answer & Explanation
Sign in or unlock CISSP to reveal the answer and full explanation for question #590. The question stem and answer options stay visible for context.
Question
A financial company has decided to move its main business application to the Cloud. The legal department objects, arguing that the move of the platform should comply with several regulatory obligations such as the General Data Protection (GDPR) and ensure data confidentiality. The Chief Information Security Officer (CISO) says that the cloud provider has met all regulations requirements and even provides its own encryption solution with internally-managed encryption keys to address data confidentiality. Did the CISO address all the legal requirements in this situation?
Options
- ANo, because the encryption solution is internal to the cloud provider.
- BYes, because the cloud provider meets all regulations requirements.
- CYes, because the cloud provider is GDPR compliant.
- DNo, because the cloud provider is not certified to host government data.
Unlock CISSP to see the answer
You've previewed enough free CISSP questions. Unlock CISSP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.