Chapter 1: Security Fundamentals

1. B. The concept of vulnerability is related to a fragility in a computer system, whereas a threat is defined by an entity exploiting a vulnerability. A security risk also considers the impact resulting from a threat being materialized. Therefore, options B and C are swapped.
2. A. Confidentiality is concerned with preventing unauthorized disclosure of sensitive information and ensuring that the suitable level of privacy is maintained at all stages of data processing. Integrity deals with the prevention of unauthorized modification of data and with ensuring information accuracy. Availability focuses on ensuring reliability and an acceptable level of performance for legitimate ...