An organisation hosts a web application and assigns individual username/ password to all its employees, together with a set of access rights so that users of a particular department are unable to access data related to any other department. Which security mechanism is employed by this organisation? (select one correct answer)
A) Data Integrity
E) Only A and B options
F) Only B and C
G) Only C and D
H) Only B, C and D
E) A, B, C and D
The correct answer is H, but I am confused why the "Confidentiality" is also used here.
Using the following definitions:
then the following apply: Authentication, Authorization, Data privacy
Confidentiality is just another word for Data privacy.
Department A can access the Dept A web resource. ---- That is Authorization.
Department B can't access the Dept A web resource. ---- That is Confidential.
You may find the question from http://www.cafe4java.com/mockexams/scwcd/mock1/q5.php