Notable Elements of Access Control
Question
Which of the following is NOT a factor related to Access Control?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.
These factors cover the integrity, confidentiality, and availability components of information system security.
Integrity is important in access control as it relates to ensuring only authorized subjects can make changes to objects.
Authenticity is different from authentication.Authenticity pertains to something being authentic, not necessarily having a direct correlation to access control.
Confidentiality is pertinent to access control in that the access to sensitive information is controlled to protect confidentiality.
vailability is protected by access controls in that if an attacket attempts to disrupt availability they would first need access.
Source: KRUTZ, Ronald L.
& VINES, Russel.
D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 49.
Access control is a fundamental concept in information security that involves restricting access to information and resources to only authorized individuals or entities. Access control is typically based on three main factors: authentication, authorization, and accounting. However, several other factors are often associated with access control, including confidentiality, integrity, and availability.
Confidentiality is a measure of how well information is protected from unauthorized disclosure or access. Integrity is the assurance that information is not modified, deleted, or corrupted without authorization. Availability is the measure of how accessible information is to authorized individuals or entities when needed.
Authentication is the process of verifying the identity of a user or entity before granting access to resources or information. Authorization is the process of determining what resources or information a user or entity is allowed to access after authentication.
Therefore, the answer to the question is D. Availability is not typically considered a factor related to access control, but rather a separate concept related to ensuring that information is accessible to authorized users when needed. Access control is primarily focused on controlling who can access information and resources, rather than on ensuring that those resources are always available.
