Certified Incident Handler (ECIH) — Question 47

Andre, a security professional, was tasked with segregating the employees' names, phone numbers, and credit card numbers before sharing the database with clients. For this purpose, he implemented a deidentification technique that can replace the critical information in database fields with special characters such as asterisks (*) and hashes (#).
Which of the following techniques was employed by Andre in the above scenario?

Answer options

• A. Tokenization
• B. Masking
• C. Hashing
• D. Bucketing

Correct answer: B

Explanation

The correct answer is B, Masking, as it involves obscuring sensitive data with symbols to protect it while still allowing it to be used for certain purposes. Tokenization (A) replaces sensitive data with unique identifiers but does not obscure it with characters. Hashing (C) transforms data into a fixed-size string, making it irreversible, which is not what is described here. Bucketing (D) refers to grouping data rather than obscuring it.