Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 140

Which scenario is an example of the pseudonymization of sensitive data that meets GDPR requirements?

Answer options

• A. implementing X-Forwarded-For at the frontend of a web app to enable the source IP addresses of headers to change
• B. separating the sensitive data into its own dedicated, secured data store and using tokens in its place.
• C. encrypting sensitive data at rest by using native cloud services and data in transit by using SSL/TLS transport.
• D. leveraging an application load balancer at the frontend of a web app for SSL/TLS decryption to inspect data in transit.

Correct answer: B

Explanation

Option B is correct because pseudonymization involves replacing sensitive data with tokens while keeping the original data secure, which aligns with GDPR requirements. The other options focus on security measures such as encryption or load balancing but do not involve the pseudonymization process.