CompTIA Security Plus Mock Test Q396

Which of the following concepts defines the requirement for data availability?

A. Authentication to RADIUS
B. Non-repudiation of email messages
C. Disaster recovery planning
D. Encryption of email messages

Correct Answer: C
Section: Compliance and Operational Security

A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.

Incorrect Answers:
A: Authentication issues deals with authorized access to resources.
B: Nonrepudiation prevents one party from denying actions that they carried out and in the electronic world nonrepudiation measures can be a two-key cryptographic system and the
involvement of a third party to verify the validity. This respected third party ‘vouches’ for the individuals in the two-key system.
D: Encryption of email messages is concerned with confidentiality.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 29, 262, 433-434