ExpertMedium1 markMultiple Choice
CPA · Question 26 · Area II: Security
Which of the following best describes 'Tokenization'?
Which of the following best describes 'Tokenization'?
Answer options:
A.
Scrambling data using a mathematical formula and a key.
B.
Replacing sensitive data with a non-sensitive equivalent that has no extrinsic or exploitable meaning.
C.
Hiding data within an image or audio file.
D.
Masking all but the last four digits of a number.
How to approach this question
Differentiate Tokenization (random replacement) from Encryption (mathematical transformation).
Full Answer
B.Replacing sensitive data with a non-sensitive equivalent that has no extrinsic or exploitable meaning.✓ Correct
Replacing sensitive data with a non-sensitive equivalent that has no extrinsic or exploitable meaning.
Tokenization reduces risk because the token itself cannot be reversed to the original data without access to the token vault.
Common mistakes
Confusing Tokenization with Encryption.
Practice the full CPA ISC Practice Exam 2
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll platform where clients access the software ...MediumQ02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...HardQ03During a walkthrough of the change management process, an auditor observes that developers have w...MediumQ04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...HardQ05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium