INFORMATIVE) ACTUAL QUESTIONS AND
CORRECT VERIFIED ANSWERS | LATEST
UPDATE
1. CIA Triad
ANS >> Confidentiality, Integrity, Availability
2. Parkerian hexad
ANS >> Where the CIA triad consists of confidentiality, integrity, and availability, the
Parkerian hexad consists of these three principles, as well as possession or control,
authenticity, and utility
3. Confidentiality
ANS >> Refers to our ability to protect our data from those who are not authorized to view
it.
Confidentiality can be compromised by the loss of a laptop containing data, a person looking
over our shoulder while we type a password, an e-mail attachment being sent to the wrong
person, an attacker penetrating our systems, or similar issues.
4. Integrity
ANS >> Refers to the ability to prevent our data from being changed in an unauthorized or
undesirable
manner. This could mean the unauthorized change or deletion of our data or portions of our data,
https://www.stuvia.com/user/MBOFFIN
, or it could mean an authorized, but undesirable, change or deletion of our data. To maintain
integrity, we not only need to have the means to prevent unauthorized changes to our data but
also need the ability to reverse authorized changes that need to be undone.
5. Availability
ANS >> refers to the ability to access our data when we need it. Loss of availability can refer to
wide variety
of breaks anywhere in the chain that allows us access to our data. Such issues can result from
power loss, operating system or application problems, network attacks, compromise of a
system, or other problems. When such issues are caused by an outside party, such as an
attacker, they are commonly referred to as a denial of service (DoS) attack.
6. Possession or Control
ANS >> Refers to the physical disposition of the media on which the data is stored. Thi
enables us, without involving other factors such as availability, to discuss our loss of the data in
physical medium
An example is data store be on multiple devices and there could be numerous versions.
7. Authenticity
ANS >> Attribution as to the owner or creator of the data in question.
Authenticity can be enforced through the use of digital signatures.
8. Utility
ANS >> Refers to how useful the data is to us.
9. Interception
https://www.stuvia.com/user/MBOFFIN
, ANS >> Interception attacks allow unauthorized users to access our data, applications, or
environments and are primarily an attack against confidentiality. Interception might take the
form of unauthorized file viewing or copying, eavesdropping on phone conversations, or reading
e-mail, and can be conducted against data at rest or in motion. Properly executed, interception
attacks can be very diflcult to detect.
Attects Confidentiality
https://www.stuvia.com/user/MBOFFIN