CompTIA Security+ 3.3 Security Architecture – Data Security

Posted by:

|

On:

|

Data Security

1 / 25

A security analyst is implementing data protection measures for a system that processes credit card information. Which of the following BEST describes the technique of replacing sensitive data with a non-sensitive placeholder that maps back to the original data?

2 / 25

A security analyst is implementing data protection measures for a system that processes sensitive financial information. Which of the following BEST describes the process of irreversibly transforming data into a fixed-size string of characters?

3 / 25

A security analyst is investigating a potential data breach. During the investigation, it’s discovered that an attacker was able to access encrypted data but was unable to read its contents. Which of the following BEST describes the state of the data that was protected in this scenario?

4 / 25

An organization is implementing a data protection strategy that involves storing sensitive data across multiple cloud providers. Which of the following BEST describes this approach?

5 / 25

An organization is implementing data protection measures for its cloud-based infrastructure. Which of the following BEST describes data sovereignty in this context?

6 / 25

An organization is implementing a data protection strategy for its cloud-based infrastructure. Which of the following BEST describes the concept of data residency in this context?

7 / 25

A security analyst is implementing a solution to protect sensitive customer data stored in a database. The solution should allow partial visibility of the data for customer service representatives while fully protecting it from unauthorized access. Which of the following techniques is MOST appropriate for this scenario?

8 / 25

A security analyst is implementing data protection measures for a system that processes sensitive customer information. Which of the following techniques would be MOST effective in protecting against SQL injection attacks?

9 / 25

A security architect is designing a system to protect sensitive data in a multi-tenant cloud environment. Which of the following technologies would BEST ensure that data remains protected even if the hypervisor is compromised?

10 / 25

A security analyst is implementing data protection measures for a system that processes sensitive customer information. Which of the following techniques would be MOST effective in protecting data from unauthorized access while it is being transmitted over a network?

11 / 25

A security analyst is implementing data protection measures for a system that processes financial transactions. Which of the following BEST describes the state of data when it is stored on a backup tape in an offsite location?

12 / 25

An organization is implementing a comprehensive data protection strategy. Which of the following BEST describes the principle of data minimization?

13 / 25

An organization is implementing a comprehensive data protection strategy. Which of the following BEST describes the purpose of data minimization in this context?

14 / 25

An organization is implementing a data protection strategy for its cloud-based infrastructure. Which of the following BEST describes the concept of data lifecycle management in this context?

15 / 25

An organization is implementing a data protection strategy that involves creating multiple copies of data across different storage systems. Which of the following BEST describes this approach?

16 / 25

A security analyst is implementing data protection measures for a system that processes financial transactions. Which of the following BEST describes the state of data when it is being actively processed by the CPU?

17 / 25

A security analyst is implementing data protection measures for a system that processes personal health information. Which of the following techniques would be MOST effective in protecting data privacy while allowing the data to be used for statistical analysis?

18 / 25

An organization is implementing data loss prevention (DLP) measures. Which of the following BEST describes the state of data that DLP typically monitors when scanning email attachments for sensitive information?

19 / 25

An organization is implementing a data protection strategy for its cloud-based infrastructure. Which of the following BEST describes the process of converting sensitive data elements into non-sensitive equivalents that have no extrinsic or exploitable meaning or value?

20 / 25

An organization is implementing a data protection strategy for its cloud-based infrastructure. Which of the following BEST describes the concept of data lineage in this context?

21 / 25

A security administrator needs to implement a solution that replaces sensitive data with a unique identifier while retaining the ability to reverse the process. Which of the following techniques is MOST appropriate?

22 / 25

An organization is implementing a data classification policy. Which of the following is the MOST appropriate classification for data that, if disclosed, could result in significant damage to the organization’s reputation and financial standing?

23 / 25

An organization is implementing a data retention policy. Which of the following BEST describes the purpose of data retention in the context of information security?

24 / 25

A security administrator is implementing data loss prevention (DLP) measures. Which of the following is the MOST effective way to prevent data exfiltration via email attachments?

25 / 25

An organization is implementing a data protection strategy for its cloud-based infrastructure. Which of the following BEST describes the shared responsibility model in this context?

Your score is

Exit