Which of the following is NOT a common integrity goal?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
Inappropriate disclosure is a confidentiality, not an integrity goal.
All of the other choices above are integrity goals addressed by the Clark-Wilson integrity model.
The Clark-Wilson model is an integrity model that addresses all three integrity goals: 1
prevent unauthorized users from making modifications, 2
prevent authorized users from making improper modifications, and 3
maintain internal and external consistency through auditing.
NOTE:Biba address only the first goal of integrity above Reference(s) used for this question: Harris, Shon (2012-10-18)
CISSP All-in-One Exam Guide, 6th Edition (p.
1384)
McGraw-Hill.
Kindle Edition.
Integrity in information security refers to the quality of information being complete, accurate, and consistent, ensuring that data is not modified or altered by unauthorized users or unintentionally corrupted or changed. It encompasses various goals, and the following options represent some common integrity goals:
A. Prevent unauthorized users from making modifications: This goal refers to restricting access to data to only authorized personnel to prevent unauthorized modifications or changes to data.
B. Maintain internal and external consistency: This goal involves ensuring that data remains consistent and reliable across different systems, applications, and processes. Data must be consistent with other data within the system and across systems that share information.
C. Prevent authorized users from making improper modifications: This goal refers to ensuring that authorized users do not make unauthorized or inappropriate modifications to data, either intentionally or unintentionally.
D. Prevent paths that could lead to inappropriate disclosure: This goal refers to ensuring that data is not exposed to unauthorized personnel, which could lead to inappropriate disclosure, such as theft or misuse.
Therefore, the answer to the question is option D: Prevent paths that could lead to inappropriate disclosure. This option does not describe a common integrity goal. Rather, it represents a confidentiality goal that seeks to ensure that sensitive data is not disclosed to unauthorized users.