Certified Secure Software Lifecycle Professional (CSSLP) — Question 42

You are responsible for network and information security at a large hospital. It is a significant concern that any change to any patient record can be easily traced back to the person who made that change. What is this called?

Answer options

• A. Availability
• B. Confidentiality
• C. Non repudiation
• D. Data Protection

Correct answer: C

Explanation

The correct answer is C, Non repudiation, which ensures that individuals cannot deny their actions regarding changes made to records. Options A and B relate to different aspects of security; availability focuses on system uptime while confidentiality protects sensitive information. Option D, Data Protection, is a broader term that encompasses several security measures but does not specifically address accountability for changes.