Secure Software Design Study Guide -WGU C706 Questions and Answers with Verified Solutions

Confidentiality - Information is not made available or disclosed to unauthorized individuals, entities, or processes. Ensures unauthorized persons are not able to read private and sensitive data. It is achieved through cryptography. Integrity - Ensures unauthorized persons or channels are not able to modify the data. It is accomplished through the use of a message digest or digital signatures. Availability - The computing systems used to store and process information, the security controls used to protect information, and the communication channels used to access information must be functioning correctly. Ensures system remains operational even in the event of a failure or an attack. It is achieved by providing redundancy or fault tolerance for a failure of a system and its components. Ensure Confidentiality - Public Key Infrastructure (PKI) and Cryptography/Encryption Ensure Availability - Offsite back-up and Redundancy Ensure Integrity - Hashing, Message Digest (MD5), non repudiation and digital signatures