A healthcare organization needs to implement additional security controls to protect patient data. The organization currently has strong perimeter security but is concerned about protecting data that might be accessed if systems or the internal network are compromised. Which of the following would BEST protect the patient data both when stored and when transmitted between systems?
File integrity monitoring combined with network segmentation
Implementation of both database encryption and TLS
Anti-malware with deep packet inspection
Database encryption with application-level access controls
The correct answer is implementing both database encryption and TLS. This comprehensive approach addresses both data states: data at rest (through database encryption) and data in transit (through Transport Layer Security).
Database encryption protects the stored patient records even if unauthorized access to storage systems occurs, while TLS ensures that data moving between systems is encrypted during transmission, preventing interception attacks.
The other options only address one state of data protection or implement insufficient controls:
Anti-malware alone provides no encryption protection for data in either state
Database encryption alone leaves data vulnerable during transmission
Application-level access controls are important for authorization but don't encrypt the data itself
ISC2 CISSP
Security Operations