Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 760 discussion

Actual exam question from Isaca's CISA
Question #: 760
Topic #: 1
[All CISA Questions]

An organization's software developers need access to personally identifiable information (PII) stored in a particular data format. Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?

  • A. Data masking
  • B. Data encryption
  • C. Data tokenization
  • D. Data abstraction
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Binagr8 at June 3, 2024, 8:03 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
choboanon
2 weeks, 3 days ago
Selected Answer: A
Answer is A
upvoted 1 times
...
Swallows
4 months, 3 weeks ago
Selected Answer: B
Data Encryption involves transforming sensitive data (like PII) into an unreadable format using cryptographic algorithms. Access to the original data is only possible with a decryption key, ensuring that even if the data is intercepted or accessed improperly, it remains protected.
upvoted 1 times
choboanon
2 weeks, 3 days ago
Incorrect. The data is encrypted. Great. The developers still can't do anything with the encrypted data. They need to use the data but we don't want them to access PII. The answer is data masking. We can give them data and anonymize it for them to use. Encryption matters even less as an answer when you consider the data is now anonymous and less risk as an exposure if anonymous data is lost, it's no longer PII
upvoted 1 times
...
...
Binagr8
5 months, 2 weeks ago
It is C. Data tokenization: Data tokenization involves replacing sensitive data with a token or placeholder value while storing the original data securely elsewhere. This allows developers to work with realistic data without exposing the actual sensitive information. Tokenization maintains data integrity and security while allowing authorized users to use the data in development and test environments. It's a widely adopted method for protecting sensitive information while preserving usability.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel