What type of masking would you employ to produce a separate data set for testing purposes based on production data without any sensitive information?
What type of masking would you employ to produce a separate data set for testing purposes based on production data without any sensitive information?
Static masking involves taking a data set and replacing sensitive fields and values with non-sensitive or garbage data. This is done to enable testing of an application against data that resembles production data, both in size and format, but without containing anything sensitive. Dynamic masking involves the live and transactional masking of data while an application is using it. Tokenized would refer to tokenization, which is the replacing of sensitive data with a key value that can later be matched back to the original value, and although it could be used as part of the production of test data, it does not refer to the overall process. Replicated is provided as an erroneous answer, as replicated data would be identical in value and would not accomplish the production of a test set.
D. Static
B: Tokenized
There are only two testing DAST and SAST. Therefore , it rules out B and C.
Static Data Masking (SDM) is used to create a separate, de-identified data set for testing purposes based on real production data. It permanently replaces sensitive data with masked values, ensuring that test environments do not contain real PII or confidential data. Why Not the Others? A. Dynamic → Dynamic Data Masking (DDM) masks data only at query time, meaning the original data remains unchanged in the database—not suitable for creating a separate test dataset. B. Tokenized → Tokenization replaces sensitive data with a non-sensitive equivalent (token), but it typically maintains a mapping back to the original data, making it less ideal for testing where true anonymization is needed. C. Replicated → Replication simply copies the production database, without masking sensitive data, making it insecure for testing.