CISSP PRACTICE QUESTIONS – 20191201

Effective CISSP Questions

Information Security is a discipline to protect assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability, or CIA for short, support business processes, and create and deliver values. All of the following hinder or enforce the security objective of integrity, except which one?
A. A recipient denied having received a message
B. A disgruntled employee deleted confidential files
C. A middle man poisoned a DNS
D. A sender signed an email with digital signature


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. A disgruntled employee deleted confidential files. (or E. None of the above)

CIA as Security Objectives

According to the law, Pub.L. 107–347, 116 Stat. 2899, non-repudiation and authenticity are the security properties of integrity.

I believe we all agree the following options relate to integrity without a doubt:

  • Repudiation is a denial of the truth or validity of something. “A recipient denied having received a message” hinders non-repudiation, hence integrity.
  • “C. A middle man poisoned a DNS” hinders integrity.
  • “D. A sender signed an email with digital signature” enforces non-repudiation, hence integrity.

Based on the exam answering skill of ruling out options, we can conclude the answer is “B. A disgruntled employee deleted confidential files.”

Controversial Issue

However, it has been controversial on the following issue:

Does the deletion of files affect integrity or availability?

IMO, deleting files affects both integrity and availability. Some argue it affects integrity, while others are in favor of availability.

 

 

1 thought on “CISSP PRACTICE QUESTIONS – 20191201

  1. According to your explanation, deleting confidential files hinders integrity also. So, B is still not the correct answer. I support your addition E option – None of the above

Leave a Reply