Certified Information Privacy Technologist (CIPT) — Question 172

What logs should an application server retain in order to prevent phishing attacks while minimizing data retention?

Answer options

• A. Limited-retention, de-identified logs including only metadata.
• B. Limited-retention, de-identified logs including the links clicked in messages as well as metadata.
• C. Limited-retention logs including the identity of parties sending and receiving messages as well as metadata.
• D. Limited-retention logs including the links clicked in messages, the identity of parties sending and receiving them, as well as metadata.

Correct answer: B

Explanation

Option B is the correct choice as it includes de-identified logs that capture the links clicked in messages, which is crucial for identifying phishing attempts without retaining sensitive user data. Options A and C lack the necessary details about links clicked, making them less effective in preventing phishing. Option D, while comprehensive, retains more information than necessary, contradicting the goal of minimizing data retention.