CCSP Exam - Question 428

'A' should read "secure remote access of data", as in connecting to a resource from outside the protected network to read data which is then masked. "Secure Remote Access" is misleading in that it makes one think of VPNs and encryption.

How does data masking help secure remote access?

Arguably when you enter your password in certain sites the keystrokes are masked.. This is a very misleading question and an even more debatable answer.

data masking help secure remote access by not displaying password it does not take part in the actual authentication process

answer A is correct

Based on the wording clearly A and C both fit the narrative of the question

it's pretty 'round about'. I guess yo ucan enforce least priv by not masking data to some people. and remote access by masking data from remote users. test data in sandbox is a given. so authentication is the best answer

C: Authentication of privileged users

Data masking is primarily used to protect sensitive data by replacing it with obfuscated or anonymized values while maintaining its usability for testing, development, or security purposes. However, it does not play a role in authentication. 🔹 What Data Masking Can Do: A. Secure Remote Access → Helps ensure sensitive data is protected when accessed remotely. B. Test Data in Sandboxed Environments → Allows the use of realistic but anonymized data for testing without exposing actual sensitive information. D. Enforcing Least Privilege → Supports role-based access by restricting access to de-identified or masked data based on user permissions. 🔹 Why Not "Authentication of Privileged Users"? Authentication is the process of verifying a user’s identity (e.g., passwords, MFA, biometrics). Data masking does not verify user identity—it only hides or alters data visibility based on access policies.