Answer-first summary for fast verification
Answer: Masking, a technique that replaces sensitive values with surrogate characters (e.g., hash '#' or asterisk '*') to hide the actual data while preserving its format., Tokenization, a process that replaces sensitive data with non-sensitive equivalents, called tokens, which have no extrinsic or exploitable meaning or value.
Masking is the most suitable technique for this scenario as it directly replaces sensitive values with surrogate characters, ensuring the data's confidentiality without altering its format, which is crucial for maintaining data utility. Tokenization is also appropriate as it replaces sensitive data with non-sensitive tokens, further enhancing security without compromising the data's usability for analysis. Format-preserving encryption (FPE) encrypts data while maintaining its original format, but it may not be as straightforward as masking or tokenization for the specific requirement of surrogate character substitution. k-anonymity anonymizes data to prevent identification of individuals but doesn't specifically address the need for surrogate characters. Replacement substitutes sensitive data with specified values but lacks the specificity of masking or tokenization for character substitution and security enhancement.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
In your role at a leading Banking group, you're tasked with enhancing the security of customer data processing. The project involves the automated collection and processing of large datasets from various documents, which contain highly sensitive information such as credit card numbers and personal identification details. Due to strict compliance requirements, this sensitive data must not be disclosed in any form. Your team is considering several techniques to ensure data confidentiality by substituting sensitive data with surrogate characters, while maintaining the data's usability for analysis. Which of the following techniques would be most appropriate for this scenario, considering the need for data utility and compliance with data protection regulations? (Choose two options if option E is available)
A
k-anonymity, a technique designed to anonymize data in such a way that the individuals whom the data describe cannot be identified, while still allowing the data to be useful for analysis.
B
Replacement, a straightforward method that involves substituting sensitive data elements with a specified value or placeholder.
C
Format-preserving encryption (FPE), a method that encrypts data in a way that the output is in the same format as the input, such as encrypting a 16-digit credit card number into another 16-digit number.
D
Masking, a technique that replaces sensitive values with surrogate characters (e.g., hash '#' or asterisk '*') to hide the actual data while preserving its format.
E
Tokenization, a process that replaces sensitive data with non-sensitive equivalents, called tokens, which have no extrinsic or exploitable meaning or value.