Access Control and System Availability

The Property of Accessibility


Question

The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system is referred to as?

Answers

Explanations


A. B. C. D.

B.

A company security program must: 1) assure that systems and applications operate effectively and provide appropriate confidentiality, integrity, and availability; 2) protect information commensurate with the level of risk and magnitude of harm resulting from loss, misuse, unauthorized access, or modification.

Availability - The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system; i.e., a system is available if it provides services according to the system design whenever users request them.

The following are incorrect answers:

Confidentiality - The information requires protection from unauthorized disclosure and only the INTENDED recipient should have access to the meaning of the data either in storage or in transit.

Integrity - The information must be protected from unauthorized, unanticipated, or unintentional modification.

This includes, but is not limited to:

Authenticity - A third party must be able to verify that the content of a message has not been changed in transit.

Non-repudiation - The origin or the receipt of a specific message must be verifiable by a third party.

Accountability - A security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.

Reference used for this question: RFC 2828 and SWANSON, Marianne, NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (page 5).

The correct answer is B. Availability.

Availability is a property of a system or system resource that refers to its ability to be accessible and usable upon demand by an authorized system entity, according to performance specifications for the system. This means that the system or resource is up and running, and can be accessed and used by authorized users as and when required.

In the context of information security, availability is one of the three core pillars of the CIA triad, alongside confidentiality and integrity. These three pillars represent the key objectives of information security, with availability focusing on ensuring that systems and resources are always available when needed.

In practice, ensuring availability requires a range of measures, including implementing redundant systems, monitoring for potential failures and taking proactive steps to prevent them, and ensuring that the system can be quickly restored in the event of an outage or disruption. This can involve the use of techniques such as load balancing, failover, backup and recovery, and disaster recovery planning.

Ultimately, the goal of ensuring availability is to minimize downtime, maximize uptime, and ensure that users are always able to access the systems and resources they need to do their jobs. This is essential for maintaining productivity, minimizing disruption, and ensuring that critical operations can continue even in the face of unexpected events or malicious attacks.