Certified Information Systems Security Professional (CISSP) — Question 60

Which of the following examples is BEST to minimize the attack surface for a customer's private information?

Answer options

• A. Data masking
• B. Authentication
• C. Obfuscation
• D. Collection limitation

Correct answer: D

Explanation

Collection limitation is the most effective method for minimizing the attack surface because it involves reducing the amount of personal information collected to only what is necessary. Data masking, authentication, and obfuscation, while useful, do not directly limit the exposure of private information but rather aim to protect it after it has been collected.