CompTIA Security+ Question L-30

A large bank has moved back office operations offshore to another country with lower wage costs in an attempt to improve profit and productivity. Which of the following would be a customer concern if the offshore staff had direct access to their data?

A. Service level agreements
B. Interoperability agreements
C. Privacy considerations
D. Data ownership

Answer: C

Explanation:
Businesses such as banks have legally mandated privacy requirements and with moving operations offshore there is decentralized control with has implications for privacy of data.

CompTIA Security+ Question D-50

Which of the following concepts is a term that directly relates to customer privacy considerations?

A. Data handling policies
B. Personally identifiable information
C. Information classification
D. Clean desk policies

Answer: B

Explanation:
Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person’s name to a fingerprint (think biometrics), credit card number, or patient record. This has a direct relation to customer privacy considerations.