Making sure that only those who are supposed to access the data can access is which of the following?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
From the published (ISC)2 goals for the Certified Information Systems Security Professional candidate, domain definition.
Confidentiality is making sure that only those who are supposed to access the data can access it.
Source: KRUTZ, Ronald L.
& VINES, Russel.
D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 59.
The term "confidentiality" refers to the protection of sensitive information from unauthorized access or disclosure. In the context of data security, confidentiality is achieved by ensuring that only authorized individuals or entities have access to the data.
Therefore, the answer to the question is A. confidentiality.
Confidentiality can be maintained through a combination of technical, administrative, and physical controls. Technical controls may include encryption, access controls, and data loss prevention (DLP) systems. Administrative controls may include policies, procedures, and training to ensure that employees are aware of their responsibilities to protect sensitive data. Physical controls may include physical security measures such as locked cabinets and restricted access to data centers.
In conclusion, maintaining confidentiality is a critical aspect of data security, and it requires a comprehensive approach that involves a combination of technical, administrative, and physical controls to ensure that only authorized individuals have access to sensitive information.