Exam 350-901 topic 1 question 170 discussion

I go for ‘A & C’

I go for A & C B seems incorrect as hashing makes the data inaccessible. If you hash a user's address, you cannot retrieve their address anymore.

A and C are correct. Basically, encrypt data everywhere.

A and C, B seems incorrect as hashing makes the data inaccessible. If you hash a user's address, you cannot retrieve their address anymore.

GDPR demands that stored data undergo either an anonymization or a pseudonymization (deidentification) process. In both cases, PII data is removed; however, anonymization irreversibly destroys any way of identifying the data subject, whereas pseudonymization substitutes the identity of the data subject in such a way that with some additional information it is possible to re-identify the data subject. In other words, with pseudonymization, some unique ID is still present, but it’s not personally identifiable. Pseudonymization is less secure, as it allows re-identification either as a result of some authority’s request or due to advanced analytics (for example, from knowing that same person went to certain places, it is possible to deduce who he/she is). Encryption, integrity, and nonrepudiation technologies are used to protect data confidentiality and reliability. Data protection can be divided into data-at-rest and data-in-transit protection. Source: Cisco DEVCOR 350-901 Study Guide

A and C seems to be correct!

A and C. Encryption of data in transit and Data at rest is the way to go for all the choices provided.

I think A C could be correct

A and C