CompTIA CySA+ (CS0-002) — Question 166

A developer wrote a script to make names and other PII data unidentifiable before loading a database export into the testing system. Which of the following describes the type of control that is being used?

Answer options

• A. Data encoding
• B. Data masking
• C. Data loss prevention
• D. Data classification

Correct answer: B

Explanation

The correct answer is B, Data masking, as it refers to the method of modifying data to protect sensitive information while retaining its usability for testing. The other options do not accurately describe this process: A (Data encoding) focuses on converting data into a different format, C (Data loss prevention) is about preventing data breaches, and D (Data classification) involves categorizing data based on sensitivity.