Quiz Entry - updated: 2026.07.14
How do you prevent sensitive data exposure (cryptographic failures)?
Don't store what you don't need, encrypt everything else, and use strong algorithms — the seven measures below each defend one of those three fronts.
| # | Measure | Why |
|---|---|---|
| 1 | Don't store sensitive data unless absolutely necessary | Can't leak what you don't have |
| 2 | Encrypt at rest and in transit | Protects data in storage and on the wire |
| 3 | Use strong algorithms (AES-256, RSA-2048+, not DES/RC4) | Weak algorithms = false sense of security |
| 4 | Use CSPRNG (not Math.random()) |
Predictable randomness breaks crypto |
| 5 | Proper key management (rotation, secure storage) | A leaked key compromises all data |
| 6 | Hash passwords with bcrypt/Argon2 (salted) | Slow hashing resists brute force |
| 7 | Set HSTS header to enforce HTTPS | Prevents protocol downgrade attacks |