Which of the following hard drive sanitation methods provides an organization with the GREATEST level of assurance that data has been permanently erased?
Correct Answer: A
Question 62
Which of the following zones within a data lake requires sensitive data to be encrypted or tokenized?
Correct Answer: C
Question 63
Which of the following is MOST important to review before using an application programming interface (API) to help mitigate related privacy risk?
Correct Answer: D
Explanation Data flows are the most important to review before using an application programming interface (API) to help mitigate related privacy risk. Data flows are the paths or routes that data take from their sources to their destinations through various processes, transformations, or exchanges. Data flows can help understand how data are collected, used, shared, stored, or deleted by an API and its related applications. Data flows can also help identify the potential privacy risks or impacts that may arise from data processing activities involving an API and its related applications. Data flows can be represented by diagrams, maps, models, or documents that show the sources, destinations, types, formats, volumes, frequencies, purposes, or legal bases of data. Data taxonomy, data classification, and data collection are also important for privacy risk mitigation when using an API, but they are not the most important. Data taxonomy is a system of organizing and categorizing data into groups, classes, or hierarchies based on their characteristics, attributes, or relationships. Data taxonomy can help understand the structure, meaning, context, or value of data. Data classification is a process of assigning labels or tags to data based on their sensitivity, confidentiality, criticality, or risk level. Data classification can help determine the appropriate level of protection or handling for data. Data collection is a process of gathering or obtaining data from various sources for a specific purpose or objective. Data collection can help obtain the necessary information or evidence for decision making or problem solving. References: Critical API security risks: 10 best practices | TechBeacon, Open APIs and Security Risks | Govenda Board Portal Software, The top API security risks and how to mitigate them - Appinventiv
Question 64
Which of the following is the MOST important action to protect a mobile banking app and its data against manipulation and disclosure?
Correct Answer: B
Explanation Application hardening measures are the most important action to protect a mobile banking app and its data against manipulation and disclosure because they prevent attackers from reverse engineering, tampering, or injecting malicious code into the app. Application hardening measures include techniques such as code obfuscation, encryption, integrity checks, anti-debugging, and anti-tampering mechanisms. These measures make the app more resilient and secure against various types of cyberattacks. References: * ISACA Certified Data Privacy Solutions Engineer Study Guide, Domain 3: Privacy Engineering, Task 3.4: Implement privacy engineering techniques to protect data in applications and systems, p. 104-105. * What is Application Hardening? | Glossary | Digital.ai
Question 65
Which of the following is the PRIMARY benefit of implementing policies and procedures for system hardening?
