Systems Security Certified Practitioner – SSCP – Question0383

The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system is referred to as?

A.
Confidentiality
B. Availability
C. Integrity
D. Reliability

Correct Answer: B

Explanation:

An company security program must:
1) assure that systems and applications operate effectively and provide appropriate confidentiality, integrity, and availability;
2) protect informationcommensurate with the level of risk and magnitude ofharmresulting fromloss, misuse, unauthorized access, or modification.
The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system; i.e., a system is available if it provides services according to the system design whenever users request them.
The following are incorrect answers:
Confidentiality -The information requires protection from unauthorized disclosure and only the INTENDED recipient should have access to the meaning of the data either in storage or in transit.
Integrity -The information must be protected from unauthorized, unanticipated, or unintentional modification. This includes, but is not limited to:
Authenticity –A third party must be able to verify that the content of a message has not been changed in transit.
Non-repudiation – The origin or the receipt of a specific message must be verifiable by a third party.
Accountability -A security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
Reference used for this question:
RFC 2828 and SWANSON, Marianne, NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (page 5).