nerdexam
(ISC)2

CISSP · Question #508

The threat modeling identifies a man-in-the-middle (MITM) exposure. Which countermeasure should the information system security officer (ISSO) select to mitigate the risk of a protected Health informa

The correct answer is B. Anonymization. When a MITM attack intercepts PHI data in transit, anonymization ensures that any captured data cannot be linked back to identifiable individuals, directly mitigating the risk of a PHI data leak.

Submitted by andreas_gr· Mar 5, 2026Security and Risk Management

Question

The threat modeling identifies a man-in-the-middle (MITM) exposure. Which countermeasure should the information system security officer (ISSO) select to mitigate the risk of a protected Health information (PHI) data leak?

Options

  • AAuditing
  • BAnonymization
  • CPrivacy monitoring
  • DData retention

How the community answered

(39 responses)
  • A
    8% (3)
  • B
    77% (30)
  • C
    3% (1)
  • D
    13% (5)

Why each option

When a MITM attack intercepts PHI data in transit, anonymization ensures that any captured data cannot be linked back to identifiable individuals, directly mitigating the risk of a PHI data leak.

AAuditing

Auditing is a detective control that logs and reviews access events after the fact; it does not prevent a MITM attacker from capturing and reading PHI in transit.

BAnonymizationCorrect

Anonymization transforms PHI by removing or obscuring all personally identifiable elements so that even if a MITM attacker intercepts the data, the information cannot be attributed to any specific individual. This directly addresses the data leak risk because the intercepted payload has no protected health value without re-identification keys. Under HIPAA, de-identification/anonymization is a recognized method to remove data from PHI classification, eliminating regulatory exposure even if interception occurs.

CPrivacy monitoring

Privacy monitoring is also a detective/reactive measure that identifies privacy violations once they occur, rather than a preventive countermeasure that neutralizes the value of intercepted PHI.

DData retention

Data retention policies govern how long data is stored and when it must be destroyed; they have no bearing on protecting data from interception during transmission in a MITM scenario.

Concept tested: PHI data leak mitigation via anonymization against MITM

Source: https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html

Topics

#Man-in-the-middle (MITM)#data leak prevention#protected health information (PHI)#data anonymization

Community Discussion

No community discussion yet for this question.

Full CISSP Practice