CAS-005 · Question #262
CAS-005 Question #262: Real Exam Question with Answer & Explanation
The correct answer is D: Utilizing tokenization for sensitive fields. Tokenization replaces sensitive data (e.g., PII) with non-sensitive placeholders while maintaining format consistency, ensuring compliance without disrupting testing. This method is commonly used for PCI-DSS and GDPR compliance while preserving data structure for functional tests
Question
A company wants to modify its process to comply with privacy requirements after an incident involving PII data in a development environment. In order to perform functionality tests, the QA team still needs to use valid data in the specified format. Which of the following best addresses the risk without impacting the development life cycle?
Options
- AEncrypting the data before moving into the QA environment
- BTruncating the data to make it not personally identifiable
- CUsing a large language model to generate synthetic data
- DUtilizing tokenization for sensitive fields
Explanation
Tokenization replaces sensitive data (e.g., PII) with non-sensitive placeholders while maintaining format consistency, ensuring compliance without disrupting testing. This method is commonly used for PCI-DSS and GDPR compliance while preserving data structure for functional tests.
Community Discussion
No community discussion yet for this question.