Preserving confidentiality, integrity, and availability of data is a restatement of the concern over interruption, interception, modification, and fabrication. How do the first three concepts relate to the last four? That is, is any of the four equivalent to one or more of the three? Is one of the three encompassed by one or more of the four?
What will be an ideal response?
There
is
not
a
good
one-?to-?one
correspondence.
Modification
is
primarily
a
failure
of
integrity,
although
there
are
aspects
of
availability
(denial
of
service).
Fabrication
is
probably
the
closest
to
being
exclusively
an
integrity
violation,
although
fabrication
of
covert
outputs
could
be
used
to
leak
otherwise
confidential
data.
Interruption
is
an
availability
concern,
although
one
can
argue
that
it
is
also
a
failure
of
the
integrity
of
a
communication
or
information
flow.
Interception
primarily
results
in
a
breach
of
confidentiality,
although
it
could
also
be
seen
as
an
attack
on
availability.
The
distinctions
drawn
here
are
primarily
semantic.
There
are
also
possible
arguments
over
whether
an
incident
is
a
lack
of
confidentiality
or
integrity,
too.
The
point
is
not
to
split
hairs
of
categorization
among
the
three
or
four
terms
but
rather
to
use
the
terms
to
envision
a
broad
range
of
vulnerabilities
and
threats.
You might also like to view...
The Next and Previous buttons enable you to move quickly between slides
Indicate whether the statement is true or false
Selecting a cloud provider can be a challenge. Often, it is not possible to determine whether a provider's services are sufficient for your needs until you have started using its service. If you determine that an initial cloud system is insufficient and you need to move your data and custom code to a different cloud provider, what is needed as a feature of the initial cloud provider that did not work out for you?
A. Storage encryption B. VPN connectivity C. Activity auditing D. Data portability