CiscoCisco
350-901 · Question #10
350-901 Question #10: Real Exam Question with Answer & Explanation
The correct answer is A: Encrypt data in transit.. To safeguard personally identifiable information, it is critical to encrypt data when it is in transit across networks and to encrypt data at rest while it is stored on any persistent storage.
Application Deployment and Security
Question
Which two strategies are used to protect personally identifiable information? (Choose two.)
Options
- AEncrypt data in transit.
- BEncrypt hash values of data.
- CEncrypt data at rest.
- DOnly keep usernames and passwords for efficient lookup.
- EOnly encrypt usernames and passwords for efficient lookup.
Explanation
To safeguard personally identifiable information, it is critical to encrypt data when it is in transit across networks and to encrypt data at rest while it is stored on any persistent storage.
Common mistakes.
- B. Encrypting hash values of data is not a standard or effective strategy for protecting the original personally identifiable information; hashing is a one-way function typically used for integrity or secure password storage (where the hash, not the original password, is stored).
- D. Keeping usernames and passwords (which are PII) for efficient lookup without proper security measures like hashing and salting is a severe security vulnerability, not a protection strategy.
- E. While encrypting usernames and passwords is a step, the best practice for passwords (a form of PII) is secure hashing with salting, not just reversible encryption, and this choice is too narrow for general PII protection.
Concept tested. PII protection strategies
Reference. https://learn.microsoft.com/en-us/azure/security/fundamentals/data-encryption-overview
Topics
#PII Protection#Data Encryption#Data at Rest Encryption#Data in Transit Encryption
Community Discussion
No community discussion yet for this question.