🔥 3-day streak
CompTIA SecurityX (CAS-005)108 / 120
Question 108 of 120
A retail company stores customer payment card numbers to support recurring subscription billing and refunds. The security architect must reduce the systems that fall within audit scope while ensuring the original card data is not retrievable by application servers that only need to reference prior transactions. The chosen mechanism must produce a non-mathematically-reversible substitute value that internal analytics and billing systems can use for lookups. Which data protection approach best meets these requirements?
Reviewed for accuracy · Report an issueNext question