CompTIA Security+ (SY0-601) — Question 97

A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?

Answer options

• A. Salting the magnetic strip information
• B. Encrypting the credit card information in transit
• C. Hashing the credit card numbers upon entry
• D. Tokenizing the credit cards in the database

Correct answer: D

Explanation

Tokenization is the best choice as it replaces sensitive credit card details with a non-sensitive equivalent, or token, which can be stored safely. Salting the magnetic strip information and hashing the credit card numbers do not allow for easy reordering, while encrypting data in transit does not address storage security.