
CISSP Exam - Question 175


While performing a security review for a new product, an information security professional discovers that the organization's product development team is proposing to collect government-issued identification (ID) numbers from customers to use as unique customer identifiers. Which of the following recommendations should be made to the product development team?

Correct Answer: C

When designing customer identifiers, it is crucial to protect personally identifiable information (PII) such as government-issued ID numbers. Using customer identifiers that do not resemble the user's government-issued ID number helps mitigate risks related to identity theft and regulatory breaches. Therefore, customer identifiers that are distinct and unrelated to the user's government-issued ID number should be used, ensuring the protection of sensitive information.

Discussion

14 comments
izaman2022 (Option: C)
Oct 14, 2022

C sounds like it is defining/leading towards tokenization. Take the government identifier and turn it into a token. Ideally the token won't resemble the original sensitive gov ID but could be used as a unique derived customer identifier.

jackdryan
May 13, 2023

C is correct

Joe_Cheng (Option: C)
Sep 28, 2022

I don't think it is needed to use government ID for Customer identifiers.

Nickname53796 (Option: D)
Oct 16, 2022

I don’t care if I am right or not; it would be wrong to collect gov IDs for such a trivial thing.

franbarpro
Oct 21, 2022

Good luck on the CISSP with that....

Cww1 (Option: C)
Sep 18, 2022

B makes sense because it would hide the gov identifier, but I think I'm leaning C?

Rollizo (Option: C)
Oct 1, 2022

"development team is proposing to collect government-issued identification (ID) numbers from customers to use as unique customer identifiers": if this is the only usage, it would be right to use another identifier.

YesPlease (Option: C)
Dec 14, 2023

Answer C) You may need to put the customer identifier on paperwork, and writing out a HASH won't be reasonable.

oudmaster (Option: C)
Dec 27, 2022

Option C is the general definition of de-identification techniques. And I feel it is right, because you can use any technique you want, for example: anonymization, masking, tokenization, hashing, encryption, etc.

rajkamal0 (Option: C)
Dec 27, 2022

Carefully reading option C, I am interpreting it as "Use a non-government user ID instead". C is correct.

RVoigt (Option: B)
Jan 15, 2023

CISSP Official Study Guide 6th edition - 'Hashing functions are algorithms which, when applied to plain text, produce a representation of that plain text. This message digest can be used to verify the integrity of the original plaintext (or a copy of it) by reapplying the hash function to it.' Hash the government ID and you obfuscate what the original number was.

RVoigt
Jan 15, 2023

Hit submit instead of convert to vote. Answer IS B!

Dee83 (Option: C)
Jan 24, 2023

C. Customer identifiers that do not resemble the user's government-issued ID number should be used. Using government-issued ID numbers as customer identifiers could put customers' personal information at risk, as these numbers can be used for identity theft. Additionally, it may violate regulations such as the General Data Protection Regulation (GDPR) and other privacy laws. To mitigate this risk, the information security professional should recommend that the product development team use a different type of customer identifier that does not resemble the user's government-issued ID number. This could include a randomly generated alphanumeric string or a combination of letters and numbers; it could also be a unique identifier that is generated by the system and is not related to the user's personal information.

georgegeorge125487 (Option: C)
Aug 22, 2023

Do not use PII unless you absolutely need it.

74gjd_37 (Option: C)
Sep 23, 2023

Option D suggests using a variant of the user's name as the customer identifier, for example, "jdoe" or "john.doe." While this may seem like a reasonable alternative, it is not recommended because it is still possible for an attacker to use the customer identifier to guess the user's actual name or other personal information. Using customer identifiers that do not resemble the user's government-issued ID number is a better approach because it makes it more difficult for attackers to guess or obtain the user's personal information.

splash2357 (Option: C)
Jan 23, 2024

I choose C. Even though a hash is meant to be irreversible, storing a hash still stores the actual ID in some form. A hash may be cracked to reveal the actual data. This is especially the case when weak hashes are used. And of course cracking a strong hashing algorithm like bcrypt is very hard, but theoretically it can still be performed. It may also be easier to create a rainbow table/perform a brute-force attack, given that the ID format/length is fixed and publicly known. C just says that an ID that doesn't resemble the actual government ID is used, which sounds better.

TheManiac (Option: C)
May 18, 2024

I know you are between B and C, but the answer is C. WHY? Because it is another department and you are the CISSP. You cannot tell them what to do. There might be easier ways for them to use govt ID numbers in different ways or use something else. Also, when you say "B", it means you agree with C, so that you take a step ahead to give them this idea in B. C comes first and leads to B. C is the answer.