[Reference: https://cpl.thalesgroup.com/faq, Encryption is a security practice that transforms data into an unreadable format using a secret key or algorithm. Encryption protects the confidentiality and integrity of data, especially when they are stored in a data lake or other cloud-based storage systems. Encryption ensures that only authorized parties can access and use the original data, while unauthorized parties cannot decipher or modify the data without the key or algorithm. Encryption also helps to comply with data protection laws and regulations, such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA), which require data controllers and processors to implement appropriate technical and organizational measures to safeguard personal data., The other options are less effective or irrelevant for securing the original data before storing them in a data lake. Encoding is a process of converting data from one format to another, such as base64 or hexadecimal. Encoding does not protect the data from unauthorized access or use, as it can be easily reversed without a key or algorithm. Backup is a process of creating a copy of data for recovery purposes, such as in case of data loss or corruption. Backup does not protect the data from unauthorized access or use, as it may create additional copies of sensitive data that need to be secured. Classification is a process of assigning labels or categories to data based on their sensitivity, value or risk level, such as public, confidential or restricted. Classification helps to identify and manage the data according to their security requirements, but it does not protect the data from unauthorized access or use by itself., References:, Tokenization: Your Secret Weapon for Data Security? - ISACA, section 2: “Encryption is one of the most effective security controls available to enterprises, but it can be challenging to deploy and maintain across a complex enterprise landscape.”, Credit Card Tokenization: What It Is, How It Works - NerdWallet, section 2: “Encrypting personal data automatically before sending them through email, using encryption standards and algorithms that are compliant with data protection laws and regulations.”, Tokenized Credit Card Data: Everything You Need to Know - Koombea, section 3: “The sensitive card data itself is stored on a server with much higher security.”, What is Data Tokenization and Why is it Important? | Immuta, section 2: “Tokenization replaces the original sensitive data with randomly generated, nonsensitive substitute characters as placeholder data.”, ]