CompTIA CASP+ (CAS-004) — Question 439

A company is developing an application that will be used to perform e-commerce transactions for a subscription-based service. The application must be able to use previously saved payment methods to perform recurring transactions. Which of the following is the most appropriate?

Answer options

• A. Tokenization through an HSM.
• B. Self-encrypting disks with field-level encryption
• C. NX/XN implementation to minimize data retention
• D. Token-based access for application users
• E. Address space layout randomization

Correct answer: A

Explanation

The correct answer is A, as tokenization through a Hardware Security Module (HSM) allows for secure storage and retrieval of payment information, which is essential for recurring transactions. The other options do not directly facilitate the reuse of payment methods; for instance, self-encrypting disks focus on data protection rather than transaction processing.