ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your team plans to publish an internal customer dataset for public research. Direct identifiers (name, email, customer number) have been replaced with random identifiers, but fields for full birth date, 5-digit ZIP code, and gender remain. The privacy policy mandates the release be fully anonymous. What additional step best meets this requirement?

Require external researchers to sign a confidentiality agreement and access the data through a VPN gateway.
Replace each random identifier with a salted SHA-256 hash before distribution.
Aggregate or suppress quasi-identifiers like birth date and ZIP code until no individual can be uniquely singled out.
Encrypt the dataset with AES-256 before emailing it to the researchers.

Report Issue

Answer Description

To achieve full anonymity, the dataset must be rendered so that no individual can be re-identified, even when it is combined with other publicly available data. Birth date, ZIP code, and gender are quasi-identifiers that can uniquely single out many people. Generalizing (for example, using birth year instead of exact date or three-digit ZIP codes) or suppressing these attributes removes that residual linkage risk. Hashing the random identifier only obscures the surrogate key, while the quasi-identifiers still enable matching. Confidentiality agreements, VPNs, or encryption in transit protect the data during handling, but they do not change the fact that the data itself can still be re-identified once decrypted, so they do not satisfy the requirement for a fully anonymous release.

Ask Bash

Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.