Certified in Risk and Information Systems Control (CRISC) — Question 992
Which of the following is the BEST method to mitigate the risk of an unauthorized employee viewing confidential data in a database?
Answer options
- A. Implement a data masking process.
- B. Include sanctions in nondisclosure agreements (NDAs).
- C. Implement role-based access control.
- D. Install a data loss prevention (DLP) tool.
Correct answer: C
Explanation
The correct answer is C: role-based access control restricts database access based on user roles, ensuring that only authorized individuals can view confidential data. Options A and D may help protect data but do not specifically prevent unauthorized access. Option B, while important for legal protection, does not provide a technical safeguard against unauthorized access to data.