CAS-005 · Question #107
CAS-005 Question #107: Real Exam Question with Answer & Explanation
The correct answer is B: Deploying tokenization. Tokenization replaces sensitive data elements with non-sensitive equivalents, called tokens, that can be used within the internal tests. The original data is stored securely and can be retrieved if necessary. This approach allows the software development team to work with data th
Question
A software development team requires valid data for internal tests. Company regulations, however do not allow the use of this data in cleartext. Which of the following solutions best meet these requirements?
Options
- AConfiguring data hashing
- BDeploying tokenization
- CReplacing data with null record
- DImplementing data obfuscation
Explanation
Tokenization replaces sensitive data elements with non-sensitive equivalents, called tokens, that can be used within the internal tests. The original data is stored securely and can be retrieved if necessary. This approach allows the software development team to work with data that appears realistic and valid without exposing the actual sensitive information. Configuring data hashing (Option A) is not suitable for test data as it transforms the data into a fixed- length value that is not usable in the same way as the original data. Replacing data with null records (Option C) is not useful as it does not provide valid data for testing. Data obfuscation (Option D) could be an alternative but might not meet the regulatory requirements as effectively as tokenization.
Community Discussion
No community discussion yet for this question.