CDPSE · Question #28
When using pseudonymization to prevent unauthorized access to personal data, which of the following is the MOST important consideration to ensure the data is adequately protected?
The correct answer is B. The identifier must be kept separate and distinct from the data it protects.. Pseudonymization replaces direct identifiers (e.g., name, SSN) with a pseudonym or token, with a mapping table linking the pseudonym back to the real identity. If that mapping table is stored alongside the pseudonymized data, an attacker who gains access to both can trivially re-
Question
When using pseudonymization to prevent unauthorized access to personal data, which of the following is the MOST important consideration to ensure the data is adequately protected?
Options
- AThe data must be protected by multi-factor authentication.
- BThe identifier must be kept separate and distinct from the data it protects.
- CThe key must be a combination of alpha and numeric characters.
- DThe data must be stored in locations protected by data loss prevention (DLP) technology.
How the community answered
(43 responses)- A2% (1)
- B88% (38)
- C7% (3)
- D2% (1)
Explanation
Pseudonymization replaces direct identifiers (e.g., name, SSN) with a pseudonym or token, with a mapping table linking the pseudonym back to the real identity. If that mapping table is stored alongside the pseudonymized data, an attacker who gains access to both can trivially re-identify individuals - rendering pseudonymization worthless. Keeping the identifier mapping physically and logically separate (often in a different, more restricted system) is the foundational requirement for pseudonymization to provide meaningful protection. MFA, alphanumeric key composition, and DLP are supportive controls but do not address the core architectural requirement of separation.
Topics
Community Discussion
No community discussion yet for this question.