Which of the following best expresses the primary goal when controlling access to assets?Group of answer choicesEnsure that all subjects are authenticated.Preserve confidentiality, integrity, and availability of systems and data.Ensure that only valid objects can authenticate on a system.Prevent unauthorized access to subjects.
Question
Which of the following best expresses the primary goal when controlling access to assets?Group of answer choicesEnsure that all subjects are authenticated.Preserve confidentiality, integrity, and availability of systems and data.Ensure that only valid objects can authenticate on a system.Prevent unauthorized access to subjects.
Solution 1
The primary goal when controlling access to assets is to "Preserve confidentiality, integrity, and availability of systems and data." This is often referred to as the CIA triad in information security.
-
Confidentiality: This ensures that the data or information is not made available or disclosed to unauthorized individuals, entities, or processes.
-
Integrity: This ensures that the data or information is accurate and complete and is not altered or destroyed in an unauthorized manner.
-
Availability: This ensures that the data or information is accessible and usable upon demand by an authorized entity.
The other options are part of the process but they are not the primary goal. Authentication of subjects and objects is important, but it is a means to achieve the primary goal. Preventing unauthorized access is also a part of preserving confidentiality, but it does not cover the entire scope of the primary goal.
Solution 2
The primary goal when controlling access to assets is to "Preserve confidentiality, integrity, and availability of systems and data." This is often referred to as the CIA triad in information security.
Here's a step-by-step breakdown:
-
Confidentiality: This ensures that the data or system is not accessed by unauthorized individuals. Access controls, encryption, and security protocols are used to maintain confidentiality.
-
Integrity: This ensures that the data or system is not altered or tampered with by unauthorized individuals. Checksums, hashes, and change management controls are used to maintain integrity.
-
Availability: This ensures that the data or system is always accessible to authorized individuals when needed. Redundancy, failover, and disaster recovery plans are used to maintain availability.
The other options listed are components of a secure system but they do not encompass the primary goal of access control as completely as the CIA triad.
Similar Questions
Asset is a resource controlled by an entity.Group of answer choicesTrueFalse
Which of the following security design principles says ‘access decisions should be based on permission rather than exclusion’?Group of answer choicesFail-safe defaultsComplete mediationSeparation of privilegeLeast Astonishment
From an internal control standpoint, the asset most susceptible to improper diversion and use isGroup of answer choicesbuildings.prepaid insurance.cash.land.
Which of the following access control approaches provides the ability to share resources or information in a peer-to-peer configuration?Group of answer choicesRole-basedDiscretionaryMandatoryNon-Discretionary
Which of the following tasks may be part of the asset security domain? Select all that apply.1 pointSecuring digital and physical assetsEnsuring users follow established policiesProper disposal of digital assetsData storage and maintenance
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.