• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Security Mock question

 
Ranch Hand
Posts: 239
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

An organisation hosts a web application and assigns individual username/ password to all its employees, together with a set of access rights so that users of a particular department are unable to access data related to any other department. Which security mechanism is employed by this organisation? (select one correct answer)
A) Data Integrity
B) Confidentiality
C) Authentication
D) Authorization
E) Only A and B options
F) Only B and C
G) Only C and D
H) Only B, C and D
E) A, B, C and D


hi ranchers,

The correct answer is H, but I am confused why the "Confidentiality" is also used here.

Thanks.
 
Sheriff
Posts: 14691
16
Eclipse IDE VI Editor Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Don't forget to QuoteYourSources.
 
Creator of Enthuware JWS+ V6
Posts: 3411
320
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Zhixiong,

Using the following definitions:
  • Authentication: identifying a party to a web-application
  • Authorization: what the identified party is allowed to do within a web-application
  • Data integrity: the means used to prove that information has not been modified by a third party while in transit
  • Data privacy: the means to ensure that information is made available only to users who are authorized to access it

  • then the following apply: Authentication, Authorization, Data privacy
    Confidentiality is just another word for Data privacy.

    Regards,
    Frits
     
    Zhixiong Pan
    Ranch Hand
    Posts: 239
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Thanks Frits, can I understand your meaning as the following example?
    Department A can access the Dept A web resource. ---- That is Authorization.
    Department B can't access the Dept A web resource. ---- That is Confidential.

    You may find the question from http://www.cafe4java.com/mockexams/scwcd/mock1/q5.php

     
    Frits Walraven
    Creator of Enthuware JWS+ V6
    Posts: 3411
    320
    Android Eclipse IDE Chrome
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Hi Zhixiong,

    Yes, that is the correct way of explaining it.

    Regards,
    Frits
     
    Sheriff
    Posts: 9707
    43
    Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Zhixiong please quote the source of the question. This is not optional...
     
    rubbery bacon. crispy tiny ad:
    a bit of art, as a gift, the permaculture playing cards
    https://gardener-gift.com
    reply
      Bookmark Topic Watch Topic
    • New Topic