Suggest three defensive layers that might be included in an information system to protect data items from changes made by someone who is not authorized to make these changes.
What will be an ideal response?
To protect data in a system from unauthorized updates, you may include the following defensive layers:

1. Authentication: To access the services that update data, a user must explicitly authenticate themselves to the system. You may have a multi-layer authentication system so that users have to provide a login/password and some other information to log on to the system.
2. Undo: Undo functionality is usually provided in applications so that user errors can be easily corrected. However, it can also be used to restore data that has been maliciously modified, if the attacker has gained access to the system and has used the normal system commands to change the data. This means that you should not discard the update history at the end of a session but should maintain it along with the data itself.
3. Checksums: Checksums are unique numbers that are calculated from the contents of a data item. Any changes in the data lead to changes in the checksum. You can therefore use checksums to detect if data items have been changed and, if these are unauthorised, you can restore the data from a backup.
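
The undo-history and checksum layers described above, as an added example that is not part of the original answer. The class name `ProtectedStore`, the key and the sample values are constructed for illustration; HMAC-SHA-256 stands in for the checksum, and the retained update history doubles as the backup.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: stored apart from the data

def checksum(value):
    # Keyed checksum (HMAC-SHA-256) over the contents of a data item
    return hmac.new(KEY, value.encode(), hashlib.sha256).hexdigest()

class ProtectedStore:  # hypothetical name, not from the page
    def __init__(self):
        self.data = {}     # item -> current value
        self.sums = {}     # item -> checksum taken at the last authorised update
        self.history = {}  # item -> all authorised values, kept across sessions

    def update(self, item, value):
        # Normal update path: record history and a fresh checksum
        self.data[item] = value
        self.sums[item] = checksum(value)
        self.history.setdefault(item, []).append(value)

    def undo(self, item):
        # Roll back one step in the retained update history
        versions = self.history[item]
        if len(versions) < 2:
            raise ValueError("no earlier version to restore")
        versions.pop()
        self.data[item] = versions[-1]
        self.sums[item] = checksum(versions[-1])
        return versions[-1]

    def changed_items(self):
        # Items whose contents no longer match the recorded checksum
        return [k for k, v in self.data.items()
                if not hmac.compare_digest(checksum(v), self.sums[k])]

    def restore(self, item):
        # Replace a modified item with its last authorised version
        self.data[item] = self.history[item][-1]
        return self.data[item]

def demo():
    store = ProtectedStore()
    store.update("balance", "100")
    store.update("balance", "120")
    store.data["balance"] = "999999"  # constructed change that bypasses update()
    detected = store.changed_items()
    restored = store.restore("balance")
    return detected, restored, store.undo("balance")
```
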