A company would like to obfuscate PII data accessed by an application that is housed in a database to prevent unauthorized viewing. Which of the following should the company do to accomplish this goal?
How do you obfuscate PII data?
PII can be obfuscated by either nullifying or masking. PII is nullified when its value is returned null. PII is masked when a portion of its value is returned with placeholder characters, such as 'XXXXXXX-3213' as a return value for an account number
Key word here is obfuscation: To obfuscate PII data accessed by an application housed in a database, the company should mask the data. This can be done by replacing the actual data with fake data that has the same format and characteristics, but is not sensitive or identifiable. This can be done using techniques such as data masking or data pseudonymization.
Data masking appears to be more useful in situations involving SSNs, phone numbers, etc.
https://www.tokenex.com/blog/ab-what-is-data-masking-data-masking-vs-encryption-for-data-security#:~:text=Data%20Masking%20vs%20Data%20Encryption,is%20unreadable%20without%20a%20key.
upvoted 3 times
...
...
This section is not available anymore. Please use the main Exam Page.CAS-004 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
[Removed]
Highly Voted 1 year agoFOURDUE
Most Recent 9 months agohidady
10 months, 2 weeks agoMr_BuCk3th34D
10 months, 2 weeks agosh4dali
1 year agosh4dali
1 year agoadamwella
1 year, 1 month agoAndy2345
1 year ago