CDPSE · Question #5
Which of the following is the BEST way for an organization to limit potential data exposure when implementing a new application?
The correct answer is B. Use only the data required by the application.. The best way to limit data exposure is to apply the data minimization principle - collect and use only the data the application genuinely needs. Data that is never collected cannot be exposed. DLP systems (A) detect and prevent unauthorized transfers but do not reduce the volume
Question
Which of the following is the BEST way for an organization to limit potential data exposure when implementing a new application?
Options
- AImplement a data loss prevention (DLP) system.
- BUse only the data required by the application.
- CEncrypt all data used by the application.
- DCapture the application's authentication logs.
How the community answered
(55 responses)- A4% (2)
- B75% (41)
- C15% (8)
- D7% (4)
Explanation
The best way to limit data exposure is to apply the data minimization principle - collect and use only the data the application genuinely needs. Data that is never collected cannot be exposed. DLP systems (A) detect and prevent unauthorized transfers but do not reduce the volume of sensitive data held. Encryption (C) protects data confidentiality but the data is still present and could be exposed if keys are compromised. Authentication logging (D) is a detective control, not preventive. Minimizing data at the design stage eliminates risk at its source, making it the most effective approach.
Topics
Community Discussion
No community discussion yet for this question.