Security Fundamentals Professional Certification (SFPC) Practice Test

What is a key goal of information assurance?

• A. To eliminate the need for secure systems
• B. To ensure the confidentiality, integrity, and availability of information
• C. To restrict access to information at all times
• D. To increase the volume of data handled

The correct answer is: To ensure the confidentiality, integrity, and availability of information

A key goal of information assurance is to ensure the confidentiality, integrity, and availability of information, which are collectively known as the CIA triad. This triad is fundamental in establishing a comprehensive framework for managing and protecting sensitive data. Confidentiality ensures that sensitive information is accessible only to those authorized to have access, protecting it from unauthorized disclosure. Integrity involves maintaining the accuracy and completeness of information, ensuring that data is not altered or destroyed in an unauthorized manner. Availability ensures that information is accessible to authorized users when needed, thus supporting operations and decision-making processes. By focusing on these three aspects, information assurance aims to create a secure environment that safeguards data from various threats while enabling legitimate users to access the necessary information without hindrance. This approach is fundamental in addressing the risks associated with information systems and helps organizations maintain trust and compliance with regulatory requirements. The other options do not align with the established goals of information assurance. For instance, eliminating the need for secure systems runs contrary to the fundamental principles of security, as it fails to recognize the inherent risks that information systems face. Restricting access to information at all times may hinder legitimate business processes and does not support the necessary availability of information. Lastly, simply increasing the volume of data handled does not