CompTIA SecurityX (CAS-005) — Question 55
A company is developing an application that will be used to perform e-commerce transactions for a subscription-based service. The application must be able to use previously saved payment methods to perform recurring transactions. Which of the following is the most appropriate?
Answer options
- A. Tokenization through an HSM
- B. Self-encrypting disks with field-level encryption
- C. NX/XN implementation to minimize data retention
- D. Token-based access for application users
- E. Address space layout randomization
Correct answer: A
Explanation
Option A, tokenization through an HSM, is the most appropriate choice because it securely replaces sensitive payment information with a token, so saved payment methods can be reused safely for recurring transactions. The other options, while related to security, do not directly address the need to handle saved payment methods for recurring transactions.