Confidentiality prevents the unauthorized disclosure of data. In other words, authorized personnel can access the data, but unauthorized personnel cannot access the data. You can ensure confidentiality using several different methods discussed in the following sections.
Encryption
Encryption scrambles data to make it unreadable by unauthorized personnel. Authorized personnel can decrypt the data to access it, but encryption techniques make it extremely difficult for unauthorized personnel to access encrypted data. Chapter 10 of CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide covers encryption in much more depth, including commonly used encryption algorithms like Advanced Encryption Standard (AES).
As an example, imagine you need to transmit Personally Identifiable Information (PII), such as medical information or credit card data via email. You wouldn’t want any unauthorized personnel to access this data, but once you click Send, you’re no longer in control of the data. However, if you encrypt the data before you send it, you protect the confidentiality of the data.
Access Controls
Identification, authentication, and authorization combined provide access controls and help ensure that only authorized personnel can access data. Imagine that you want to grant Maggie access to some data, but you don’t want Homer to be able to access the same data. You use access controls to grant and restrict access. The following bullets introduce key elements of access controls:
- Identification. Users claim an identity with a unique username. For example, both Maggie and Homer have separate user accounts identified with unique usernames. When Maggie uses her account, she is claiming the identity of her account.
- Authentication. Users prove their identity with authentication, such as with a password. For example, Maggie knows her password, but no one else should know it. When she logs on to her account with her username and password, she is claiming the identity of her account and proving her identity with the password.
- Authorization. Next, you can grant or restrict access to resources using an authorization method, such as permissions. For example, you can grant Maggie’s account full control access to files and folders, and ensure that Homer doesn’t have any permissions to access the data. Chapter 2 of CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide digs into access control models a little deeper, including how they enforce authorization settings.
Steganography
A third method you can use for confidentiality is steganography. Chapter 10 of CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide covers steganography in more depth, but as an introduction, it is the practice of hiding data within data. Many people refer to it as hiding data in plain sight. For example, you can embed a hidden message in an image by modifying certain bits within the file. If other people look at the file, they won’t notice anything. However, if other people know what to look for, they will be able to retrieve the message.
As a simpler example, you can add a text file to an image file without the use of any special tools other than WinRAR and the Windows command line. If you’re interested in seeing how to do this, check out the Steganography Lab in the online exercises for this book at http://gcgapremium.com/labs/.
Confidentiality ensures that data is only viewable by authorized users. The best way to protect the confidentiality of data is by encrypting it. This includes any type of data, such as PII, data in databases, and data on mobile devices. Access controls help protect confidentiality by restricting access. Steganography helps provide confidentiality by hiding data, such as hiding text files within an image file.
 | Pass the First Time! |
Up-to-date Content
New multiple-choice and performance-based questions added regularly
Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.Buy The Full Access Study Package Today
60 Days Access
Need more time? You can easily renew for another 60 days at a significantly reduced price.
All materials are available online shortly after making your payment.
Get the Security+ Full Access Study Package Here
Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.
This exam is expensive.
Make sure you’re ready before exam day.
Here’s what you’ll get:- All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
- Over 40 new multiple-choice questions we’ve added after publishing the study guide.
- Over 30 performance-based questions. See a demo here.
- All of the flashcards from the study guide. View them in any Web browser.
- All of the audio from the study guide. Listen to a sample here.
- Access to a free discount code for 10% off your Security+ voucher.
Buy The Full Access Study Package Today
60 Days Access
All materials are available online shortly after making your payment.
Security+ Confidentiality Practice Question and Answer
Homer needs to send an email to his HR department with an attachment that includes PII. He wants to maintain the confidentiality of this attachment. Which of the following choices is the BEST choice to meet his needs?
A. Hashing
B. Digital signature
C. Encryption
D. Certificate
Answer C is correct. Encryption is the best choice to provide confidentiality of any type of information, including Personally Identifiable Information (PII).
Hashing, digital signatures, and certificates all provide integrity, not confidentiality.
Understanding Core Security Goals
Confidentiality (this page)
Security+ Study Packages Up-to-date Content New multiple-choice and performance-based
questions added regularly Buy The Full Access Study Package Today 60 Days Access Need more time?
You can easily renew for another 60 days at a significantly reduced price. All materials are available online shortly after making your payment. Get the Security+ Full Access Study Package Here Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using. This exam is expensive. Make sure you’re ready before exam day. Buy The Full Access Study Package Today 60 Days Access All materials are available online shortly after making your payment.Pass the First Time!
