Certified in Risk and Information Systems Control (CRISC) — Question 494

Which of the following practices would be MOST effective in protecting personally identifiable information (PII) from unauthorized access in a cloud environment?

Answer options

• A. Apply data classification policy.
• B. Require logical separation of company data.
• C. Obtain the right to audit.
• D. Utilize encryption with logical access controls.

Correct answer: D

Explanation

Utilizing encryption with logical access controls is the most effective way to protect PII, as it ensures that data is secured and only accessible to authorized users. While applying a data classification policy, requiring logical separation of data, and obtaining audit rights are important practices, they do not provide the same level of direct protection for data as encryption does.