Free COMPTIA Datasys+ DS0-001 Actual Exam Questions - Question 12 Discussion
contains sensitive dat
a. Which of the following should the database administrator do before giving the developers access
to the environment?
B imo, removing sensitive data outright is the safest bet if devs don’t actually need it. Masking still carries some risk if done poorly, but deleting sensitive info leaves no chance for leaks.
C/D? Encrypting connections (D) is important but doesn’t prevent exposure of data itself, so it feels more like a secondary step. Masking (C) limits real data exposure while keeping devs able to work realistically.
Maybe C, masking keeps the data functional without risking exposure like B might.
Probably B here. If the devs don’t actually need the real sensitive info, just stripping it out completely is the safest move. Masking (C) still leaves some form of the data, which might be risky depending on how good the masking is. Encryption (D) helps with connection security but doesn’t protect the data itself if it’s visible once accessed. Auditing access (A) is good practice but not enough before giving access in the first place. So removing sensitive data entirely seems like the most straightforward way to reduce risk here.
C, masking keeps data usable without exposing real info.
B imo, removing sensitive data fully avoids any risk if real data isn’t needed.
Option C, masking secures data but keeps it usable for devs.
I agree with C for sure, but also think B could work if masking isn’t feasible. Removing sensitive data outright means devs won’t see any real info, which might be safer. But masking lets them test better without risking exposure. A and D alone don’t really stop sensitive data from being seen once accessed.
I think the best move is C. Mask the sensitive data. That way, devs can work with realistic info without exposing sensitive details. Just encrypting connections (D) doesn’t protect the data itself once accessed. What do you guys think?