An organization must ensure that employees cannot deny they authorized a transaction. Which security principle is being addressed?
- Confidentiality
- Non-repudiation ✓
- Integrity
- Availability
Correct answer: Non-repudiation
Option B, non-repudiation, is correct because it ensures that a party cannot deny having performed an action, such as authorizing a transaction; it is typically enforced through digital signatures, audit logs, or timestamped records. Option A, confidentiality, protects data from unauthorized disclosure but does not address whether a party can deny an action they took. Option C, integrity, ensures data has not been altered in transit or at rest, which is related but does not bind an action to a specific individual in a way that individual cannot later deny. Option D, availability, concerns ensuring systems and data are accessible when needed, which is entirely unrelated to denying or confirming a past action.
Topic: Threats, Vulnerabilities, and Mitigations · non-repudiation, security principles, digital signatures, comptia security+