CompTIA CySA+ (CS0-002) — Question 12

A Chief Information Security Officer (CISO) is concerned developers have too much visibility into customer data. Which of the following controls should be implemented to BEST address these concerns?

Answer options

• A. Data masking
• B. Data loss prevention
• C. Data minimization
• D. Data sovereignty

Correct answer: A

Explanation

Data masking is the most effective control in this scenario because it allows developers to work with data without exposing sensitive customer information. Data loss prevention focuses on preventing data leaks rather than controlling visibility; data minimization reduces the amount of data collected but doesn't protect existing data access; and data sovereignty deals with legal jurisdiction over data rather than visibility control.