Certified Information Security Manager (CISM) — Question 495

Which of the following is the BEST method to protect consumer private information for an online public website?

Answer options

• A. Apply strong authentication to online accounts
• B. Encrypt consumer data in transit and at rest
• C. Use secure encrypted transport layer
• D. Apply a masking policy to the consumer data

Correct answer: B

Explanation

The correct answer is B because encrypting consumer data in transit and at rest ensures that it is protected from unauthorized access during transmission and while stored. Option A, strong authentication, is important but does not fully protect data itself. Option C refers to transport security, which is a part of encryption but not as comprehensive as option B. Option D, applying a masking policy, may obscure data but does not provide full protection from data breaches.