Cyber Security (BD308) – Assignment Week 2 – Syafira Aulia

Assignment Week 2

Module Question 2

1. Provide a real-world business example for a failure in Confidentiality, Integrity, and Availability?

In contemporary business environments, failures in the three foundational dimensions of information security confidentiality, integrity, and availability can produce significant operational and reputational consequences. A failure of confidentiality occurs when sensitive information is disclosed without proper authorization, as demonstrated by the misuse of user data from Facebook by Cambridge Analytica, where personal data from millions of users was obtained and utilized without informed consent. A failure of integrity arises when data is altered, corrupted, or rendered inaccurate, as illustrated by the data breach involving Equifax, which created substantial risks related to the reliability and trustworthiness of consumer credit information. In contrast, a failure of availability occurs when systems or services become inaccessible to legitimate users, such as during major service disruptions affecting Amazon Web Services, which temporarily rendered numerous digital platforms and applications unavailable despite their data remaining intact.

2. How might an e-commerce website prioritize one aspect of the CIA triad over the others for its product pages versus its payment processing system?

Within an e-commerce system, the relative prioritization of the CIA triad may vary depending on functional context. For product display pages, availability is typically the primary concern, as uninterrupted access is essential to ensure continuous customer engagement and transactional opportunities. While integrity remains necessary to maintain accurate product descriptions and pricing, confidentiality is comparatively less critical because much of the displayed information is publicly accessible. Conversely, payment processing systems demand a stronger emphasis on confidentiality and integrity. Sensitive financial information and personal data must be rigorously protected from unauthorized access, and transaction records must remain accurate and unaltered to preserve financial correctness and user trust. Although availability remains relevant, safeguarding data privacy and transactional accuracy represents the central security priority in this context.

3. Explain the principle of “least privilege” and how it supports confidentiality?

The principle of least privilege refers to the practice of granting users and systems only the minimum level of access required to perform their designated functions. This access control approach restricts exposure to sensitive information by ensuring that only authorized individuals with legitimate operational needs can view or manipulate specific data resources. By minimizing the number of entities with access to confidential information, organizations reduce the likelihood of unauthorized disclosure, misuse, or data leakage. Consequently, the principle of least privilege serves as a fundamental mechanism for preserving confidentiality by enforcing controlled, role-based access to critical information assets.

Cyber Security Module – Syafira Aulia click here.

Status: 100%

Keterangan: Sudah mengerjakan tugas dengan baik dan benar.^^

 

Previous Post Previous Post
Newer Post Newer Post

Leave a comment