Which security concept is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it?
Which security concept is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it?
Confidentiality is the security concept that focuses on preventing unauthorized access to data while ensuring that authorized users can access it when needed. It involves measures to protect information from being disclosed or leaked to unauthorized parties, thus maintaining privacy and data protection. Ensuring that only those with the proper authorization can access the data is a primary concern of confidentiality.
what a messy question preventing unauthorized access to data --> C confidentiality ensuring that it is accessible to those authorized to use it --> B Availability looks like we have to guess between B and C. As CSSP is more security oriented, i am for C
Availability cant prevent unauthorized access
C. Confidentiality
I'd say B. Availability. https://www.isc2.org/Certifications/CISSP/CISSP-Student-Glossary#:~:text=Availability Availability: Ensuring timely and reliable access to and use of information by authorized users.
I thought B as well, but I think the key words here are "prevent unauthorized access". Availability on it's own does not prevent unauthorized access.
CCSP book states that encryption is designed to prevent unauthorized access
The security concept that is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it is availability (option B). This concept is an important part of information security and focuses on ensuring that data and systems are available to users when they need them, without being compromised or disrupted by unauthorized access or other security threats. Integrity (option A) is related to the accuracy and completeness of data, confidentiality (option C) is focused on protecting data from unauthorized disclosure, and nonrepudiation (option D) is a concept that is used to prevent someone from denying that they performed a certain action.
C is the answer
C confidentiality
Confidentiality is about ensuring that only authorized individuals have access to data, while unauthorized individuals are barred from it. By definition, this security principle means preventing disclosure to those who shouldn’t see the data, and implicitly allowing access to those who are properly authorized. Availability focuses on ensuring the data/systems are online and reachable for authorized users when needed (but does not address unauthorized access). Integrity focuses on preventing unauthorized modification of data and ensuring its accuracy and reliability. Nonrepudiation ensures a party cannot deny (repudiate) having taken an action (e.g., sending a message or signing a document).