Correct answer:

Contractual is correct. Contractual PII has specific requirements for the handling of sensitive and personal information, as defined at a contractual level. These specific requirements will typically document the required handling procedures and policies to deal with PII. They may be in specific security controls and configurations, required policies or procedures, or limitations on who may gain authorized access to data and systems.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Regulations is correct. During any audit, regulations are the most important factor and guidelines for what must be tested. Although the requirements from management, stakeholders, and shareholders are also important, regulations are not negotiable and pose the biggest risk to any organization for compliance failure.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Containers is correct. Containers are wrappers that contain all the code, configurations, and libraries needed for an application or service. With the containers being deployed exactly the same to all locations, the costs for validation can be substantially decreased.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

SOX is correct. The Sarbanes-Oxley (SOX) Act is not an act that pertains to privacy or IT security directly but rather regulates accounting and financial practices used by organizations. It was passed to protect stakeholders and shareholders from improper practices and errors, and it sets forth rules for compliance, regulated and enforced by the Securities and Exchange Commission (SEC). The main influence on IT systems and operations is the requirements it sets for data retention, specifically in regard to what types of records must be preserved and for how long.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Static is correct. With static masking, a separate and distinct copy of the data set is created with masking in place. This is typically done through a script or other process that takes a standard data set, processes it to mask the appropriate and predefined fields, and then outputs the data set as a new one with the completed masking done.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Cryptographic erasure is correct. Cryptographic erasure is the process of making data unrecoverable and inaccessible through the destruction of the keys used to encrypt it, rather than through the actual deletion of that data. With large data sets, this process is far quicker than taking the time to actually delete the data, and it is a universal method that works within any type of environment or system.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Data is correct. Regardless of which cloud hosting model is used, the cloud customer always has sole responsibility for the data and its security.

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Sandboxing is correct. Sandboxing involves segregating and isolating information or processes from others within the same system or application, typically for security concerns. Sandboxing is generally used for data isolation (for example, keeping data from different communities and populations of users isolated from other similar data).

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

Store is correct. With the Store step, data is placed into a storage system. This includes but is not limited to databases, files, and spreadsheets. This is typically done as part of creation or immediately thereafter. (The steps are as follows: Create, Store, Use, Share, Archive, and Destroy.)

Incorrect answers:

All other answers choices are incorrect.

Correct answer:

XML and JSON is correct. JavaScript Object Notation (JSON) and Extensible Markup Language (XML) are the most commonly used data formats for the REST API, and they are typically implemented with caching for increased scalability and performance.

Incorrect answers:

All other answers choices are incorrect.