An organization is subject to strict data-sovereignty regulations that require all personal data collected from citizens to remain within national borders. Which of the following security controls BEST helps the organization meet this requirement?
Encrypt all data at rest with AES-256
Implement geographic restrictions that prevent storage or processing outside the country
Distribute traffic using a global load-balancing service
Geographic restrictions (sometimes called geofencing or data-residency controls) enforce where data can be stored or processed, ensuring it never leaves the permitted jurisdiction. Encryption at rest, data masking, and global load balancing improve confidentiality, privacy, or performance, but none of them by themselves prevent data from being transferred or stored outside the mandated region. Therefore, implementing geographic restrictions is the most effective control for complying with data-sovereignty laws.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are geographic restrictions in data management?
Open an interactive chat with Bash
What is data sovereignty?
Open an interactive chat with Bash
What are some examples of local privacy regulations?