Which of the following methods can be used to ensure confidentiality of information?

Which of the following can be used to protect confidentiality?

(a) CCTV

(b) Encryption

(d) RAID.

The art of preventing unwanted access, use, disclosure, interruption, alteration, inspection, recording, or destruction of information is known as information security. It is a technique for protecting data and information systems against unauthorized users, harmful malware, and intrusions.

The three stages of information security are confidentiality, integrity, and availability.

Confidentiality: It relates to essentially preventing information from unauthorized access.
Integrity: It relates to maintaining the accuracy and completeness of the information collection.
Availability: It is a matter of ensuring the information is available to the processes in which it is required.

Answer and Explanation: 1

Answer: (b) Encryption

Information is protected using encryption and decryption methods and a conversion algorithm. It is a technique for protecting...

See full answer below.

Data confidentiality is about protecting data against unintentional, unlawful, or unauthorized access, disclosure, or theft.

Confidentiality has to do with the privacy of information, including authorizations to view, share, and use it. Information with low confidentiality concerns may be considered "public" or otherwise not threatening if exposed beyond its intended audience. Information with high confidentiality concerns is considered secret and must be kept confidential to prevent identity theft, compromise of accounts and systems, legal or reputational damage, and other severe consequences.

Examples of data with high confidentiality concerns include:

Social Security numbers, which must remain confidential to prevent identity theft.
passwords, which must remain confidential to protect systems and accounts.

Consider the following when managing data confidentiality:

To whom data can be disclosed
Whether laws, regulations, or contracts require data to remain confidential
Whether data may only be used or released under certain conditions
Whether data is sensitive by nature and would have a negative impact if disclosed
Whether data would be valuable to those who aren't permitted to have it (e.g., hackers)

When managing data confidentiality, follow these guidelines:

Encrypt sensitive files.
Encryption is a process that renders data unreadable to anyone except those who have the appropriate password or key. By encrypting sensitive files (by using file passwords, for example), you can protect them from being read or used by those who are not entitled to do either.
Manage data access.
Controlling confidentiality is, in large part, about controlling who has access to data. Ensuring that access is only authorized and granted to those who have a "need to know" goes a long way in limiting unnecessary exposure. Users should also authenticate their access with strong passwords and, where practical, two-factor authentication. Periodically review access lists and promptly revoke access when it is no longer necessary.
Physically secure devices and paper documents.
Controlling access to data includes controlling access of all kinds, both digital and physical. Protect devices and paper documents from misuse or theft by storing them in locked areas. Never leave devices or sensitive documents unattented in public locations.
Securely dispose of data, devices, and paper records.
When data is no longer necessary for University-related purposes, it must be disposed of appropriately.
- Sensitive data, such as Social Security numbers, must be securely erased to ensure that it cannot be recovered and misused.
- Devices that were used for University-related purposes or that were otherwise used to store sensitive information should be destroyed or securely erased to ensure that their previous contents cannot be recovered and misused.
- Paper documents containing sensitive information should be shredded rather than dumped into trash or recycling bins.
Manage data acquisition.
When collecting sensitive data, be conscious of how much data is actually needed and carefully consider privacy and confidentiality in the acquisition process. Avoid acquiring sensitive data unless absolutely necessary; one of the best ways to reduce confidentiality risk is to reduce the amount of sensitive data being collected in the first place.
Manage data utilization.
Confidentiality risk can be further reduced by using sensitive data only as approved and as necessary. Misusing sensitive data violates the privacy and confidentiality of that data and of the individuals or groups the data represents.
Manage devices.
Computer management is a broad topic that includes many essential security practices. By protecting devices, you can also protect the data they contain. Follow basic cybersecurity hygiene by using anti-virus software, routinely patching software, whitelisting applications, using device passcodes, suspending inactive sessions, enabling firewalls, and using whole-disk encryption.

Last Updated on October 29, 2019 by Admin

You have already completed the quiz before. Hence you can not start it again.

You must sign in or sign up to start the quiz.

You have to finish following quiz, to start this quiz:

2 points

Incorrect

SHA and MD5 use use complex mathematical algorithms to compute hash values.

SHA and MD5 use use complex mathematical algorithms to compute hash values.
1 points

Incorrect

Authorization determines whether a user has certain access privileges.

Authorization determines whether a user has certain access privileges.
1 points

Incorrect

Privacy laws control appropriate use of data and access to data.

Privacy laws control appropriate use of data and access to data.
3 points

Incorrect

High availability systems typically include these three design principles.

High availability systems typically include these three design principles.
3 points

Incorrect

The forms of authentication are something you know, have , or are.

The forms of authentication are something you know, have , or are.
1 points

Incorrect

The term VPN describes a virtual network that uses encryption to protect data when traveling across Internet media.

The term VPN describes a virtual network that uses encryption to protect data when traveling across Internet media.
1 points

Incorrect

Version control ensures that two users cannot update the same object.

Version control ensures that two users cannot update the same object.
1 points

Incorrect

Sneaker net refers to hand delivering the removable data.

Sneaker net refers to hand delivering the removable data.
3 points

Incorrect

Three foundational security principles are confidentiality, integrity and availability.

Three foundational security principles are confidentiality, integrity and availability.
3 points

Incorrect

This question refers to AAA authentication, authorization, and accountability.

This question refers to AAA authentication, authorization, and accountability.
2 points

Incorrect

Data integrity systems include one of the two data integrity methods.

Data integrity systems include one of the two data integrity methods.
3 points

Incorrect

Policy sets the establishment of rules and guidelines for the business.

Policy sets the establishment of rules and guidelines for the business.
2 points
1 points

Incorrect

The security principle of confidentiality refers to the prevention of the disclosure of information to unauthorized people, resources, and processes.

The security principle of confidentiality refers to the prevention of the disclosure of information to unauthorized people, resources, and processes.
3 points

Incorrect

The protection of the cyber world requires cybersecurity professionals to account for the safeguarding of data in-transit, in-cloud, and at rest.

The protection of the cyber world requires cybersecurity professionals to account for the safeguarding of data in-transit, in-cloud, and at rest.
1 points

Incorrect

Modification involves changes to the original data and not complete deletion of the data.

Modification involves changes to the original data and not complete deletion of the data.
1 points

Incorrect

The first dimension of the cybersecurity sorcery cube identifies the goals or security principles required to protect the cyber world.

The first dimension of the cybersecurity sorcery cube identifies the goals or security principles required to protect the cyber world.
1 points

Incorrect

NAS refers to a storage device connected to a network that allows storage and retrieval of data from a centralized location by authorized network users.

NAS refers to a storage device connected to a network that allows storage and retrieval of data from a centralized location by authorized network users.
2 points

Incorrect

Confidentiality means viewing of information only for those who need to know. This can be accomplished by encrypting data and authenticating users who request access.

Confidentiality means viewing of information only for those who need to know. This can be accomplished by encrypting data and authenticating users who request access.
3 points

Incorrect

Sensitive information is information that would otherwise cause harm to a company or individual if publicly disclosed.

Sensitive information is information that would otherwise cause harm to a company or individual if publicly disclosed.