CompTIA Security Plus Mock Test Q813

A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?

A. Database field encryption
B. File-level encryption
C. Data loss prevention system
D. Full disk encryption

Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Database encryption makes use of cryptography functions that are built into the database software to encrypt the data stored in the data base. This often offers granular encryption
options which allows for the encryptions of the entire database, specific database tables, or specific database fields, such as a credit card number field.

Incorrect Answers:
B: File-level encryption would involve encrypting the entire database file. This would mean that accessing any data in the database would involve the overhead of decrypting the data.
C: A data loss prevention system is a system designed to detect a potential data breach. It is not used to encrypt data.
D: Full disk encryption would involve encrypting the entire hard disk. This would mean that accessing any data in the hard disk would involve the overhead of decrypting the data.

References:
http://docs.oracle.com/cd/B28359_01/network.111/b28530/asotrans.htm#g1011122
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 252-255