Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 212-89 Exam - Topic 9 Question 86 Discussion

Actual exam question for Eccouncil's 212-89 exam
Question #: 86
Topic #: 9
[All 212-89 Questions]

[Incident Handling and Response Process]

Your company holds a large amount of customer PH. and you want to protect those data from theft or unauthorized modification. Among other actions, you classify and encrypt the dat

a. In this process, which of the following OWASP security risks are you guarding against?

Show Suggested Answer Hide Answer
Suggested Answer: D

By classifying and encrypting customer Personally Identifiable Information (PHI), you are specifically guarding against the risk of Sensitive Data Exposure. This OWASP security risk involves the accidental or unlawful exposure of protected data to unauthorized individuals. Encryption serves as a critical defense mechanism by ensuring that, even if data is accessed without authorization, it remains unintelligible and useless to the attacker without the decryption keys. Data classification further supports this by identifying which data is sensitive and requires such protections, ensuring that appropriate security controls are applied to prevent exposure.


by Mollie at Nov 20, 2025, 01:37 PM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Bulah
5 days ago
True, Dana. But D is more relevant here. We need to focus on data protection.
upvoted 0 times
...
Annita
10 days ago
I think B) Security misconfiguration is also a risk. Misconfigurations can lead to data leaks.
upvoted 0 times
...
Noel
15 days ago
Definitely D. Encryption helps prevent unauthorized access.
upvoted 0 times
...
Krissy
20 days ago
Agreed, Alice. Protecting PH data is crucial.
upvoted 0 times
...
Gaston
26 days ago
I'm leaning towards D) Sensitive data exposure. It makes sense.
upvoted 0 times
...
Cheryll
1 month ago
I don't see how broken authentication fits in this scenario.
upvoted 0 times
...
Rebbecca
1 month ago
Wait, are we really sure about D? Seems a bit broad.
upvoted 0 times
...
Jeannetta
1 month ago
I’m a bit confused about insecure deserialization. I don’t see how that connects to encrypting PHI. Maybe I’m missing something?
upvoted 0 times
...
Corrinne
2 months ago
I practiced a similar question where encryption was tied to protecting sensitive data. I feel like D is the most relevant here.
upvoted 0 times
...
Cristal
2 months ago
I’m not entirely sure, but I remember something about security misconfiguration being a risk too. Could it relate to how we handle the encryption settings?
upvoted 0 times
...
Kristeen
2 months ago
I think we’re definitely guarding against sensitive data exposure since we’re encrypting customer PHI. That seems to fit the question well.
upvoted 0 times
...
Lera
3 months ago
B. Security misconfiguration. Encryption can be a real pain if you don't have it set up right.
upvoted 0 times
...
Rolland
3 months ago
D. Sensitive data exposure. Easy peasy, protect that PH data!
upvoted 0 times
...
Dorsey
3 months ago
Hmm, I'd say C. Broken authentication. Gotta make sure those encryption keys are secure, you know?
upvoted 0 times
...
Dana
3 months ago
D. Sensitive data exposure, no doubt. Wouldn't want those customer details falling into the wrong hands!
upvoted 0 times
...
Devora
3 months ago
I'm going with B. Security misconfiguration. Encryption and classification can be tricky to set up properly.
upvoted 0 times
...
Bronwyn
3 months ago
D. Sensitive data exposure makes the most sense here. Gotta protect that customer PH!
upvoted 0 times
...
Margart
4 months ago
The correct answer is D. Sensitive data exposure.
upvoted 0 times
...
Wilda
4 months ago
I'm a little confused on this one. I know encryption is important for data protection, but I'm not sure which specific OWASP risk it's addressing. I'll have to review my notes on the OWASP top 10 to make sure I choose the right answer.
upvoted 0 times
...
Ramonita
4 months ago
Okay, I've got this. Encrypting the data is all about protecting sensitive information, so the right answer has to be D. Sensitive data exposure is the OWASP risk you're guarding against by classifying and encrypting the customer data.
upvoted 0 times
...
Madelyn
4 months ago
Agreed, but A) Insecure deserialization could be a concern too.
upvoted 0 times
...
Huey
4 months ago
I think B) Security misconfiguration is also a big risk here.
upvoted 0 times
...
Gayla
5 months ago
Easy peasy! Encrypting the data is all about protecting sensitive information from exposure, so the answer is clearly D. Sensitive data exposure is the OWASP risk you're addressing by taking these security measures.
upvoted 0 times
...
Albina
5 months ago
Definitely guarding against D) Sensitive data exposure.
upvoted 0 times
...
Lili
5 months ago
Hmm, I'm a bit unsure about this one. Encrypting the data could also help prevent security misconfigurations, so I'm not sure if B or D is the right answer. I'll have to think this through a bit more.
upvoted 0 times
...
Mirta
5 months ago
I think this is asking about the OWASP security risks that are relevant to protecting sensitive customer data. Encrypting the data would help guard against sensitive data exposure, so I'm going to go with option D.
upvoted 0 times
Shaunna
4 months ago
I agree, option D makes the most sense.
upvoted 0 times
...
...

Save Cancel