LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

How do you prevent sensitive data exposure (cryptographic failures)?

Don't store what you don't need, encrypt everything else, and use strong algorithms — the seven measures below each defend one of those three fronts.

# Measure Why
1 Don't store sensitive data unless absolutely necessary Can't leak what you don't have
2 Encrypt at rest and in transit Protects data in storage and on the wire
3 Use strong algorithms (AES-256, RSA-2048+, not DES/RC4) Weak algorithms = false sense of security
4 Use CSPRNG (not Math.random()) Predictable randomness breaks crypto
5 Proper key management (rotation, secure storage) A leaked key compromises all data
6 Hash passwords with bcrypt/Argon2 (salted) Slow hashing resists brute force
7 Set HSTS header to enforce HTTPS Prevents protocol downgrade attacks

See: OWASP Cryptographic Storage Cheat Sheet

From Quiz: SPRG / OWASP Top 10 | Updated: Jul 14, 2026