CISSP – Information Systems Security Management Professional (ISSMP) — Question 3

Which of the following statements about the integrity concept of information security management are true? Each correct answer represents a complete solution.
Choose three.

Answer options

• A. It ensures that unauthorized modifications are not made to data by authorized personnel or processes.
• B. It determines the actions and behaviors of a single individual within a system
• C. It ensures that modifications are not made to data by unauthorized personnel or processes.
• D. It ensures that internal information is consistent among all subentities and also consistent with the real-world, external situation.

Correct answer: A, C, D

Explanation

Answer A is correct because it emphasizes the prevention of unauthorized modifications, even from those who are authorized. Answer C is also correct as it highlights that integrity ensures data is protected from changes by unauthorized personnel or processes. Answer D is correct as it addresses the need for internal consistency of information relative to the external environment. However, answer B is incorrect because integrity does not focus on the actions of a single individual but rather on the overall consistency and protection of data.