Certified Ethical Hacker (CEH v10) — Question 161

Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?

Answer options

• A. Do not back up either the credit card numbers or their hashes.
• B. Encrypt backup tapes that are sent off-site.
• C. Back up the hashes of the credit card numbers not the actual credit card numbers.
• D. Hire a security consultant to provide direction.

Correct answer: D

Explanation

Hiring a security consultant provides expert guidance on best practices for handling sensitive data like credit card numbers, ensuring compliance and security measures are in place. The other options either suggest insufficient protection (A and C) or do not cover the advisory aspect of security (B).