PrepAway - Latest Free Exam Questions & Answers

Which choice below represents an application or system demonstrating a need for a high level of confidentialit

Which choice below represents an application or system demonstrating
a need for a high level of confidentiality protection and controls?

PrepAway - Latest Free Exam Questions & Answers

A.
The mission of this system is to produce local weather forecast
information that is made available to the news media forecasters
and the general public at all times. None of the information requires
protection against disclosure.

B.
Destruction of the information would require significant
expenditures of time and effort to replace. Although corrupted
information would present an inconvenience to the staff, most
information, and all vital information, is backed up by either paper
documentation or on disk.

C.
The application contains proprietary business information and other
financial information, which if disclosed to unauthorized sources,
could cause an unfair advantage for vendors, contractors, or
individuals and could result in financial loss or adverse legal action
to user organizations.

D.
Unavailability of the system could result in inability to meet payroll
obligations and could cause work stoppage and failure of user
organizations to meet critical mission requirements. The system
requires 24-hour access.

Explanation:
Although elements of all of the systems described could require specific
controls for confidentiality, given the descriptions above, system b
fits the definition most closely of a system requiring a very high level
of confidentiality. Answer a is an example of a system requiring high
availability. Answer c is an example of a system that requires medium

integrity controls. Answer d is a system that requires only a low level
of confidentiality.
Asystem may need protection for one or more of the following reasons:
Confidentiality. The system contains information that requires
protection from unauthorized disclosure.
Integrity. The system contains information that must be protected
from unauthorized, unanticipated, or unintentional modification.
Availability. The system contains information or provides services
which must be available on a timely basis to meet mission
requirements or to avoid substantial losses.
Source: NIST Special Publication 800-18, Guide for Developing Security Plans
for Information Technology Systems

One Comment on “Which choice below represents an application or system demonstrating a need for a high level of confidentialit


Leave a Reply