ExpertMedium1 markMultiple Choice
CPA · Question 54 · Area II: Security
A company replaces sensitive credit card numbers in their database with a random string of characters that has no mathematical relationship to the original number. The mapping is stored in a secure vault. This technique is called:
A company replaces sensitive credit card numbers in their database with a random string of characters that has no mathematical relationship to the original number. The mapping is stored in a secure vault. This technique is called:
Answer options:
A.
Encryption
B.
Hashing
C.
Tokenization
D.
Masking
How to approach this question
Key phrase: 'no mathematical relationship'.
Full Answer
C.Tokenization✓ Correct
Tokenization
Tokenization replaces sensitive data with a non-sensitive equivalent (token). Unlike encryption, you cannot mathematically reverse a token to get the data; you must look it up in the vault.
Common mistakes
Confusing Tokenization with Encryption.
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy