Which of the following is a mechanism that helps in ensuring that only the intended and authorized
recipients are able to read data?
A.
Integrity
B.
Data availability
C.
Confidentiality
D.
Authentication
Explanation:
Confidentiality is a mechanism that ensures that only the intended and authorized recipients are
able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he
will not get any meaning out of it.
Answer option A is incorrect. In information security, integrity means that data cannot be modified
without authorization. This is not the same thing as referential integrity in databases. Integrity is
violated when an employee accidentally or with malicious intent deletes important data files, when
a computer virus infects a computer, when an employee is able to modify his own salary in a
payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast
a very large number of votes in an online poll, and so on. There are many ways in which integrity
could be violated without malicious intent. In the simplest case, a user on a system could mis-type
someone’s address. On a larger scale, if an automated process is not written and tested correctly,
bulk updates to a database could alter data in an incorrect way, leaving the integrity of the data
compromised. Information security professionals are tasked with finding ways to implement
controls that prevent errors of integrity.
Answer option B is incorrect. Data availability is one of the security principles that ensures that thedata and communication services will be available for use when needed (expected). It is a method
of describing products and services availability by which it is ensured that data continues to be
available at a required level of performance in situations ranging from normal to disastrous. Data
availability is achieved through redundancy, which depends upon where the data is stored and
how it can be reached.
Answer option D is incorrect. Authentication is the act of establishing or confirming something (or
someone) as authentic, i.e., the claims made by or about the subject are true (“authentification” is
a variant of this word).