nerdexam
(ISC)2

CISSP-ISSMP · Question #37

Which of the following statements about the integrity concept of information security management are true? Each correct answer represents a complete solution. Choose three.

The correct answer is A. It ensures that unauthorized modifications are not made to data by authorized personnel or processes. C. It ensures that modifications are not made to data by unauthorized personnel or processes. D. It ensures that internal information is consistent among all subentities and also consistent with the real-world,. Integrity in information security ensures that data is accurate, complete, consistent, and protected from unauthorized modification. A is correct: even authorized personnel must follow proper procedures; unauthorized modifications by authorized users still violate integrity. C is

Foundational Security Concepts

Question

Which of the following statements about the integrity concept of information security management are true? Each correct answer represents a complete solution. Choose three.

Options

  • AIt ensures that unauthorized modifications are not made to data by authorized personnel or processes.
  • BIt determines the actions and behaviors of a single individual within a system
  • CIt ensures that modifications are not made to data by unauthorized personnel or processes.
  • DIt ensures that internal information is consistent among all subentities and also consistent with the real-world,

How the community answered

(34 responses)
  • A
    88% (30)
  • B
    12% (4)

Explanation

Integrity in information security ensures that data is accurate, complete, consistent, and protected from unauthorized modification. A is correct: even authorized personnel must follow proper procedures; unauthorized modifications by authorized users still violate integrity. C is correct: unauthorized personnel or processes must never be able to modify data. D is correct: integrity also covers internal consistency of data across subsystems and its correspondence with real-world facts (a key property in database and distributed system contexts). B is incorrect because tracking 'actions and behaviors of a single individual within a system' describes Accountability (or non-repudiation), not integrity. Integrity is about the state of the data, not about individual user behavior tracking.

Topics

#Information Integrity#CIA Triad#Security Principles#Data Security

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSMP Practice