CISA Certified Information Systems Auditor – Question2066

An organization’s software develops need access to personally identifiable information (PII) stored in a particular data format. Which of the following would be the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?

A.
Data masking
B. Data encryption
C. Data tokenization
D. Data abstraction

Correct Answer: C