PECB Lead Implementer (ISO/IEC 27001) — Question 14

Based on scenario 2, which information security principle is the IT team aiming to ensure by establishing a user authentication process that requires user identification and password when accessing sensitive information?

Answer options

Correct answer: B

Explanation

The correct answer is B, Confidentiality, as user authentication is directly aimed at protecting sensitive information from unauthorized access. Options A and C, Integrity and Availability, respectively, focus on data correctness and ensuring access, but they do not specifically address the protection of sensitive data through authentication.