CERTIFIED-IN-CYBERSECURITY · Question #563
CERTIFIED-IN-CYBERSECURITY Question #563: Real Exam Question with Answer & Explanation
The correct answer is A: Ensuring access to data only to authorized users. Confidentiality is about ensuring that information is accessible only to those with the appropriate privileges, and protecting the data from unauthorized access, disclosure, or destruction (see the ISC2 Study Guide, Chapter 1, Module 1). For example, a company might encrypt sensi
Question
What is a definition of confidentiality?
Options
- AEnsuring access to data only to authorized users
- BEnsuring completeness and consistency of data
- CEnsuring privacy of user data
- DEnsuring that data has not been altered in an unintended manner
Explanation
Confidentiality is about ensuring that information is accessible only to those with the appropriate privileges, and protecting the data from unauthorized access, disclosure, or destruction (see the ISC2 Study Guide, Chapter 1, Module 1). For example, a company might encrypt sensitive documents and make them available only to certain people with the correct decryption keys to ensure the confidentiality of the information. In this context, the other options are not the right ones. Ensuring that data has not been altered relates to data integrity, which is about maintaining the accuracy and consistency of data, not its confidentiality. Ensuring privacy is a broader concept that includes confidentiality, but also includes practices such as obtaining consent for data collection and providing transparency about data use. Ensuring that data is accessible when needed relates to data availability, another critical aspect of information security, but not specifically to confidentiality
Topics
Community Discussion
No community discussion yet for this question.