CompTIA CASP+ (CAS-004) — Question 600

A company would like to obfuscate PII data accessed by an application that is housed in a database to prevent unauthorized viewing. Which of the following should the company do to accomplish this goal?

Answer options

• A. Use cell-level encryption.
• B. Mask the data.
• C. Implement a DLP solution.
• D. Utilize encryption at rest.

Correct answer: B

Explanation

Masking the data is the best approach as it allows the original data to be hidden while still enabling applications to function correctly. Cell-level encryption and encryption at rest are effective for protecting data, but they do not specifically focus on preventing unauthorized viewing of PII in a user-friendly manner. A DLP solution helps in monitoring and protecting data but does not directly obfuscate the data itself.