PrepAway - Latest Free Exam Questions & Answers

Which of the following is required in order to provide …

Which of the following is required in order to provide accountability?

PrepAway - Latest Free Exam Questions & Answers

A.
Authentication

B.
Integrity

C.
Confidentiality

D.
Audit trails

Explanation:
Accountability is another facet of access control. Individuals on a system are responsible for their actions. This
accountability property enables system activities to be traced to the proper individuals. Accountability is
supported by audit trails that record events on the system and network. Audit trails can be used for intrusion
detection and for the reconstruction of past events. Monitoring individual activities, such as keystroke
monitoring, should be accomplished in accordance with the company policy and appropriate laws. Banners at
the log-on time should notify the user of any monitoring that is being conducted.
Incorrect Answers:
A: Authentication is proof that a user is who they say they are. This is important in accountability. However, you
also need to be able to monitor that user’s actions. This is provided by audit trails.
B: Integrity ensures that data is consistent and not modified. This does not provide accountability.
C: Confidentiality attempts to prevent the intentional or unintentional unauthorized disclosure of data. This does
not provide accountability.

Krutz, Ronald L. and Russell Dean Vines, The CISSP and CAP Prep Guide: Mastering CISSP and CAP, Wiley
Publishing, Indianapolis, 2007, p. 72


Leave a Reply