You just hired an outside developer to modernize some applications with new web services and functionality. In order to implement a comprehensive test platform for validation, the developer needs a data set that resembles a production data set in both size and composition.
In order to accomplish this, what type of masking would you use?
To provide a data set that resembles the production data set in both size and composition while ensuring that no sensitive data is exposed, static masking is the most appropriate method. Static masking involves taking a copy of the production data and masking sensitive information to create a masked but representative data set. This allows the developer to have a comprehensive data set for testing purposes without compromising data security.
C. Static
D. Dynamic
Static Application Security Testing (SAST) as it is not interrupting the workflow.
Static data masking involves creating a copy of the production data set where sensitive information is permanently replaced or altered. This produces a data set that closely resembles production in size and composition but is safe for use in non-production environments such as a comprehensive test platform. Dynamic masking, on the other hand, applies changes in real time on live data and isn’t as suited for creating a separate, static test copy. Development or replicated masking are not standard terms in this context.