ExamTopics Logo
Mail Us[email protected]
Menu
Iia Discussions
exam questions

Exam IIA-CIA-Part3 All Questions

View all questions & answers for the IIA-CIA-Part3 exam
Go to Exam

Exam IIA-CIA-Part3 topic 2 question 16 discussion

Actual exam question from IIA's IIA-CIA-Part3
Question #: 16
Topic #: 2
[All IIA-CIA-Part3 Questions]

Which of the following risks is best addressed by encryption?

  • A. Information integrity risk.
  • B. Privacy risk.
  • C. Access risk.
  • D. Software risk.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://www.corporatecomplianceinsights.com/encryption-what-is-it-good-for-risk-compliance/
by Java_Girl at May 25, 2021, 2:12 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Java_Girl
Highly Voted 3 years, 6 months ago
The answer should be B. Based on GTAG Global Technology Audit Guide (GTAG®) 1 - Confidentiality includes privacy considerations. - Encryption services applied where confidentiality is a stated requirement Thus B is correct answer
upvoted 6 times
...
34205ac
Most Recent 2 weeks, 2 days ago
Answer is C. As per Gleim "Encryption and other methods to reduce risk associated with unauthorized access to an organization’s network"
upvoted 1 times
...
[Removed]
1 year ago
Encryption of sensitive data can be an effective way for a business to reduce its data breach risks. Encryption can be a “safe harbour,” that can limit your exposure to breach notification laws when unauthorized individuals gain access to your data.
upvoted 1 times
...
ciacandidate
1 year, 3 months ago
Selected Answer: B
It's B. Encryption exists to protect privacy.
upvoted 2 times
...
Suzan07
3 years ago
Encryption is related to the integrity of information so I thnink A is correct
upvoted 1 times
...
Walewweeeed
3 years, 2 months ago
A is correct
upvoted 1 times
...
yomang
3 years, 4 months ago
I think it's C. I checked the Gleim textbook and IIA textbook, and it said a bunch about Access, nothing about Privacy. Plus, if you think about it, what risk does it address (as per the original question)? If someone gains access to something that they shouldn't have access to, encryption protects your data so that the hacker still can't see it. Therefore, it addresses an access risk. This COULD entail privacy to a certain extent, but that's specifically only pertaining to the confidentiality of PII, not an all-around extent of accessing anything and everything. Therefore, I think Access Risk makes more sense because it entails anything and everything to do with the risks of people gaining access to ANY data (whether it be PII or other things) but still not being able to do anything with their access because the data is encrypted.
upvoted 2 times
superman26
3 years, 4 months ago
Hi, your sharing is regard the access of the documents. How about access to users' accounts? Users' accounts are controlled by password, SoD, etc.., this type of access risk is unable to use encryption. (user account password must be remembered by the user, not by encryption.) the answer should be B, privacy risk. Technical controls such as encryption or design changes can prevent privacy risks.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel