Crucial Exams

ISC2 CISSP Practice Question

A multinational company headquartered in the United States operates e-commerce sites across the EU. It plans to copy customer order histories from its German and French subsidiaries to a centralized data warehouse located in its U.S. data center for weekly marketing reports. The company is not certified under the EU-U.S. Data Privacy Framework and needs a lawful transfer mechanism. Which measure BEST satisfies GDPR requirements for this recurring cross-border transfer?

  • Implementing a general privacy policy that addresses international transfers

  • Establishing Binding Corporate Rules for all company subsidiaries

  • Implementing Standard Contractual Clauses (SCCs) approved by the European Commission

  • Relying on explicit consent from data subjects for each transfer

ISC2 CISSP
Security and Risk Management
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot