A database administrator is updating the company’s SQL database, which stores credit card information for pending purchases. Which of the following is the best method to secure the data against a potential breach?
In the case of storing credit card information, tokenization is ideal because it:
Minimizes risk: Even if attackers gain access to the database, they cannot use the tokens to access the original credit card information.
Complies with PCI DSS: Tokenization is widely recommended for compliance with Payment Card Industry Data Security Standards (PCI DSS), which govern the storage of credit card data.
The best method to secure credit card information in a database is C. Tokenization.
Tokenization replaces sensitive data, such as credit card numbers, with unique tokens that have no intrinsic 1 meaning. This way, even if the database is compromised, the attacker cannot directly use the stolen data
Data Nasking:Disguises original data to protect sensitive information,Reduces the risk of data breaches in non-production settings,Masks portions of sensitive data for privacy, e.g., credit card digits, social
security numbers
C. Tokenization
Explanation:
Tokenization replaces sensitive data, such as credit card information, with unique, nonsensitive tokens that have no exploitable value outside the system. The original data is securely stored in a separate token vault, making it inaccessible even if the database is breached. This approach is widely used in payment processing and ensures compliance with standards like PCI DSS (Payment Card Industry Data Security Standard).
GPT
Future me. Its actually Masking, this says it stores it, if it was being used in the moment thats when its a token but since it stores it, its actually Masking since youll keep it hidden in a data base. Tokens are used for credit cards, but this is storing it somewhere not the token vault. sooo its actually Masking the data.
Tokenization is a data security technique that protects sensitive data by replacing it with a unique, non-sensitive string of characters called a token.
Tokenization is often used in credit card processing, but it can also be used to protect other types of sensitive data, such as:
Social Security numbers
Telephone numbers
Passport numbers
Driver's license numbers
Email addresses
Bank account numbers
Names, addresses, birth dates
Protected health information (PHI)
Tokenization replaces sensitive data (like credit card numbers) with a unique, non-sensitive equivalent called a token. This token has no exploitable value and can only be mapped back to the original data through a secure, centralized tokenization system. This way, even if the database is breached, the stolen tokens are meaningless without the mapping system, thus minimizing the risk.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
laternak26
2 weeks, 4 days agoCocopqr
1 month ago5787808
1 month, 1 week agoe2ba0ff
1 month, 2 weeks agofmeox567
1 month, 2 weeks agofd4ea1a
1 month, 2 weeks agofd4ea1a
1 month, 2 weeks agoc7d159b
1 month, 3 weeks ago