Your organization is launching a public REST API that exposes customer PII to mobile apps across the Internet. The security team requires that all PII be encrypted in transit but does not want to change how the data is stored on either the client or the server. Which control MOST directly meets this requirement?
Enable transparent data encryption (TDE) on the backend database.
Compress every JSON response with the LZ4 algorithm before sending it.
Configure the API gateway to require TLS 1.3 (HTTPS) connections.
Hash each response with SHA-256 before sending it to the client.
Encryption in transit protects data while it is moving across a network. Enabling TLS (HTTPS) on the API gateway creates an encrypted tunnel between the client and server so that PII cannot be intercepted or read in transit. Transparent Data Encryption secures database files at rest only; the traffic that leaves the database server is still plaintext. LZ4 compression reduces payload size but offers no confidentiality. Hashing responses with SHA-256 would render the data unreadable to the client because hashing is one-way and cannot be reversed, so it does not satisfy the requirement to transmit usable-but protected-data. Therefore, requiring TLS 1.3 (or another current TLS version) is the single control that directly fulfills the encryption-in-transit mandate without altering data at rest.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is TLS and why is it necessary for securing APIs?
Open an interactive chat with Bash
Why is Transparent Data Encryption (TDE) not a suitable solution for encryption in transit?
Open an interactive chat with Bash
How does hashing differ from encryption, and why isn't hashing suitable for this use case?
Open an interactive chat with Bash
CompTIA Data+ DA0-002 (V2)
Data Governance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .