Which of the following statements about the integrity concept of information security management are true? Each correct answer represents a complete solution.
Choose three.
Click on the arrows to vote for the correct answer
A. B. C. D.ACD.
The integrity concept of information security management refers to the trustworthiness of data and resources. It ensures that the data is accurate, complete, and consistent throughout its lifecycle, from creation to destruction. It also ensures that data is not subject to unauthorized modification, deletion, or disclosure.
The following are the true statements about the integrity concept of information security management:
A. It ensures that unauthorized modifications are not made to data by authorized personnel or processes.
This statement is true because the integrity concept of information security management ensures that data is protected from unauthorized modification, deletion, or disclosure by authorized personnel or processes. This is achieved by implementing access controls, such as authentication, authorization, and auditing, which restrict access to data to only authorized personnel or processes.
C. It ensures that modifications are not made to data by unauthorized personnel or processes.
This statement is also true because the integrity concept of information security management ensures that data is protected from unauthorized modification, deletion, or disclosure by unauthorized personnel or processes. This is achieved by implementing access controls, such as authentication, authorization, and auditing, which restrict access to data to only authorized personnel or processes.
D. It ensures that internal information is consistent among all subentities and also consistent with the real-world, external situation.
This statement is true because the integrity concept of information security management ensures that data is consistent and accurate across all subentities and is consistent with the real-world, external situation. This is achieved by implementing data validation and verification procedures, such as data input controls, data processing controls, and data output controls, which ensure that data is accurate, complete, and consistent throughout its lifecycle.
B. It determines the actions and behaviors of a single individual within a system.
This statement is false because the integrity concept of information security management does not determine the actions and behaviors of a single individual within a system. Rather, it ensures that data and resources are protected from unauthorized modification, deletion, or disclosure by authorized or unauthorized personnel or processes.