CRISC Certified in Risk and Information Systems Control – Question039

Which of the following are the principles of access controls? Each correct answer represents a complete solution. Choose three.

A.
Confidentiality
B. Availability
C. Reliability
D. Integrity

Correct Answer: ABD

Explanation:

Explanation:
The principles of access controls focus on availability, integrity, and confidentiality, as loss or danger is directly related to these three:

  • Loss of confidentiality- Someone sees a password or a company’s secret formula, this is referred to as loss of confidentiality.
  • Loss of integrity- An e-mail message is modified in transit, a virus infects a file, or someone makes unauthorized changes to a Web site is referred to as loss of integrity.
  • Loss of availability- An e-mail server is down and no one has e-mail access, or a file server is down so data files aren’t available comes under loss of availability.