◉confidentiality. Answer: only authorized users can view
information
focus: secrecy and limiting access
◉integrity. Answer: information is complete and unaltered; only
authorized users can change info
focus: correctness and protection from improper modification
◉availability. Answer: information is accessible by authorized users
whenever they request the info
focus: uptime, access, reliability
◉easy CIA comparison. Answer: confidentiality = who can see it
integrity = can it be trusted
availability = can it be accessed
◉DAD triad. Answer: disclosure, alteration, destruction
◉disclosure. Answer: information exposed to unauthorized parties;
violation of confidentiality
◉alteration. Answer: information is changed improperly; violation
of integrity
◉destruction. Answer: information or systems are destroyed,
denied, or made inaccessible; violation of availability
◉easy DAD comparison. Answer: exposed data = disclosure =
confidentiality problem
changed data = alteration = integrity problem
unavailable system = destruction/denial = availability problem
◉authenticity. Answer: assurance that data is genuine and
originates from its claimed source
◉nonrepudiation. Answer: assurance that someone can't deny
performing an action/sending a communication
◉AAA services. Answer: identification, authentication,
authorization, auditing, accounting
◉identification. Answer: claiming an identity
examples: entering username, swiping ID badge, typing employee
number
◉authentication. Answer: proving the identity
examples: password, fingerprint, code from authenticator app
◉authorization. Answer: determining what actions are allowed
examples: whether user can view payroll files, whether employee
can edit records, whether admin can install software
◉auditing. Answer: recording and reviewing user/system activity