Exam CCSP topic 1 question 429 discussion

'A' should read "secure remote access of data", as in connecting to a resource from outside the protected network to read data which is then masked. "Secure Remote Access" is misleading in that it makes one think of VPNs and encryption.

How does data masking help secure remote access?

Data masking is primarily used to protect sensitive data by replacing it with obfuscated or anonymized values while maintaining its usability for testing, development, or security purposes. However, it does not play a role in authentication. 🔹 What Data Masking Can Do: A. Secure Remote Access → Helps ensure sensitive data is protected when accessed remotely. B. Test Data in Sandboxed Environments → Allows the use of realistic but anonymized data for testing without exposing actual sensitive information. D. Enforcing Least Privilege → Supports role-based access by restricting access to de-identified or masked data based on user permissions. 🔹 Why Not "Authentication of Privileged Users"? Authentication is the process of verifying a user’s identity (e.g., passwords, MFA, biometrics). Data masking does not verify user identity—it only hides or alters data visibility based on access policies.

C: Authentication of privileged users

it's pretty 'round about'. I guess yo ucan enforce least priv by not masking data to some people. and remote access by masking data from remote users. test data in sandbox is a given. so authentication is the best answer

Based on the wording clearly A and C both fit the narrative of the question

answer A is correct

data masking help secure remote access by not displaying password it does not take part in the actual authentication process

Arguably when you enter your password in certain sites the keystrokes are masked.. This is a very misleading question and an even more debatable answer.