I'm studying for the CCSP and from a high-level, I keep hearing encryption described in three forms:
- Protecting data at rest.
- Protecting data in transit.
- Protecting data in use.
The first two make sense to me, but then I'm struggling to think of a practical example for the third scenario. Can someone elaborate? Unfortunately, my study material doesn't elaborate.
One scenario I could think of would be (perhaps) masking some sensitive information (like only showing the last four digits of a credit card number to a customer service rep). That might be a stretch though... because technically wouldn't the data still be at rest?