Which of the following attack compromises availability?
a. Denial of Service attack
b. Ransomware attack
c. Disclosure of passwords to unauthorized person
d. Option a
The correct answer and explanation is:
Correct Answer: d. Option a
Explanation:
Availability is one of the three key principles of information security, often referred to as the CIA Triad: Confidentiality, Integrity, and Availability. Availability means that systems, services, and data are accessible to authorized users when needed. An attack that compromises availability prevents legitimate users from accessing resources, thereby disrupting normal operations.
The Denial of Service (DoS) attack is a classic example of an attack that compromises availability. In a DoS attack, an attacker floods a system, server, or network with excessive traffic, overloading the resources. This makes the system slow or completely inaccessible to legitimate users. In more advanced forms, Distributed Denial of Service (DDoS) attacks use multiple compromised systems to launch a coordinated assault, making it even harder to mitigate.
On the other hand, ransomware attacks primarily compromise availability as well by encrypting files and demanding payment for decryption keys. However, ransomware can also touch on confidentiality if data is exfiltrated. So while it affects availability, it also has implications for confidentiality and integrity. This makes the denial of service attack a more direct and clear example of an availability breach.
Disclosure of passwords to an unauthorized person compromises confidentiality, not availability. It gives unauthorized access to sensitive information but does not necessarily disrupt access to services or data for legitimate users.
Therefore, option a (Denial of Service attack) is the correct choice when asked specifically about attacks that compromise availability, making option d (Option a) the accurate final answer, as it confirms the specific attack that affects availability in the clearest sense.