nerdexam
ExamsCSSLPQuestions#378
(ISC)2(ISC)2

CSSLP · Question #378

CSSLP Question #378: Real Exam Question with Answer & Explanation

The correct answer is D: Obfuscation. Obfuscation is a data protection approach that intentionally changes or conceals sensitive data values to keep them confidential when used in development and testing environments.

Secure Software Testing

Question

Which data protection approach changes or conceals sensitive values to keep them confidential when they are used in development and testing?

Options

  • ACloud Data Loss Prevention
  • BAnonymization
  • CTokenization
  • DObfuscation

Explanation

Obfuscation is a data protection approach that intentionally changes or conceals sensitive data values to keep them confidential when used in development and testing environments.

Common mistakes.

  • A. Cloud Data Loss Prevention (DLP) is a service to discover, monitor, and protect sensitive data, not a method for changing values for testing.
  • B. Anonymization specifically aims to remove personally identifiable information, which is a specific form of data alteration, while obfuscation is a broader term for concealing values.
  • C. Tokenization replaces sensitive data with a non-sensitive equivalent (a 'token'), which is a specific method, but obfuscation is a more general term for various concealment techniques.

Concept tested. Data obfuscation for development and testing

Reference. https://learn.microsoft.com/en-us/azure/security/fundamentals/data-encryption-overview#data-masking-obfuscation-and-anonymization

Topics

#Data Protection#Data Obfuscation#Test Data Management#Secure Testing

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CSSLP PracticeBrowse All CSSLP Questions