ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CRISC All Questions

View all questions & answers for the CRISC exam
Go to Exam

Exam CRISC topic 1 question 1384 discussion

Actual exam question from Isaca's CRISC
Question #: 1384
Topic #: 1
[All CRISC Questions]

A risk practitioner recently discovered that personal information from the production environment is required for testing purposes in non-production environments. Which of the following is the BEST recommendation to address this situation?

  • A. Enable data encryption in the test environment.
  • B. Enforce multi-factor authentication within the test environment.
  • C. Prevent the use of production data in the test environment.
  • D. De-identify data before being transferred to the test environment.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by MartyMar at Dec. 20, 2022, 6:57 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CbtL
5 months, 3 weeks ago
Selected Answer: D
It is D, agreed.
upvoted 1 times
...
ap0ls
7 months, 2 weeks ago
I go with D. de-identify or masking of data
upvoted 2 times
...
ldl
7 months, 3 weeks ago
D is the answer
upvoted 2 times
...
john_boogieman
8 months ago
Selected Answer: D
The best recommendation to address this situation is to de-identify data before being transferred to the test environment. It is important to protect personal information in accordance with relevant data protection and privacy laws and regulations. De-identifying data will remove any personal information and make it safe to use for testing purposes. This approach ensures that the organization remains in compliance with applicable laws and regulations while also allowing for effective testing to be conducted.
upvoted 3 times
...
ldl
8 months, 1 week ago
Will Go with D
upvoted 2 times
...
Suchib
9 months, 1 week ago
Will go with D, de-identify the data.
upvoted 2 times
...
MartyMar
10 months ago
The given answer isn't correct. The question plainly says that the data is required in the test environment, so not using it isn't an option. I might would go with Data encryption, but this one is a little tricky.
upvoted 2 times
MartyMar
10 months ago
Actually after re-reading the question and looking at the answers, I'd go with Multifactor Identification This says you are ENFORCING it, so that is stronger in my opinion.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago