Exam ISO-IEC-27001-Lead-Auditor Topic 1 Question 97 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Auditor exam
Question #: 97
Topic #: 1
A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?

Suggested Answer: B Vote an answer

Confidentiality is one of the security principles that states that only authorized parties should have access to information assets. Confidentiality protects the secrecy and privacy of information from unauthorized disclosure or exposure. A hacker gaining access to a web server and reading the credit card numbers stored on that server violates the confidentiality principle, as he or she is not an authorized party and has access to sensitive information that belongs to others. Therefore, the correct answer is B. Reference: ISO/IEC 27000:2022, clause 3.8; Defining Security Principles - Pearson IT Certification.

by Duncan at Oct 24, 2024, 10:39 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10