312-50V10 · Question #514
Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?
The correct answer is C. Use encrypted communications protocols to transmit PII. Encrypting PII in transit using protocols like TLS/HTTPS directly addresses the exposure of that data when web applications transmit it, which is the primary attack vector exploited by web vulnerabilities such as man-in-the-middle attacks.
Question
Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?
Options
- AUse cryptographic storage to store all PII
- BUse full disk encryption on all hard drives to protect PII
- CUse encrypted communications protocols to transmit PII
- DUse a security token to log into all Web applications that use PII
How the community answered
(59 responses)- A12% (7)
- B3% (2)
- C78% (46)
- D7% (4)
Why each option
Encrypting PII in transit using protocols like TLS/HTTPS directly addresses the exposure of that data when web applications transmit it, which is the primary attack vector exploited by web vulnerabilities such as man-in-the-middle attacks.
Cryptographic storage protects PII at rest on the server but does not prevent it from being exposed in transit through a vulnerable web application.
Full disk encryption protects stored data if physical media is stolen but provides no protection against web application vulnerabilities that exfiltrate data over the network.
Encrypted communications protocols (TLS/HTTPS) protect PII while it travels between the client and server, preventing interception or tampering by attackers who exploit weak or misconfigured web applications. Web application vulnerabilities frequently result in data being captured in transit, and transport-layer encryption is the direct countermeasure. This aligns with OWASP guidance on protecting sensitive data in transmission.
A security token strengthens authentication but does not protect PII from being exposed through application-layer vulnerabilities after login.
Concept tested: Protecting PII in transit using encrypted protocols
Source: https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure
Topics
Community Discussion
No community discussion yet for this question.