I have a DB that is encrypted, however fields such as email and phone number are not encrypted. On security questionnaires, I get the question - "Is your data encrypted at rest". With the DB being encrypted, restricted user access and only available via MFA access, can I answer yes to that questionnaire, even though the individual fields are not encrypted? I know the restricted access and MFA are not part of encryption but shows the data is secured.
With your "data at rest" IF there is ANY plain text than NO obviously its not encrypted. Your presentation of the question is a bit confusing. If I pull your drive and subject it to forensic analysis will I be able to see ANY plain text of this DB? Its either yes or no.
