Cybersecurity is primarily focused on protecting information assets by preventing unauthorized access, data breaches, cyberattacks, and other security threats. The confidentiality, integrity, and availability (CIA) triad is the foundation of cybersecurity, with access control playing a key role in mitigating risks.
(A) Incorrect – To protect the effective performance of IT general and application controls.
While cybersecurity supports IT controls, its primary goal is information security, not just control performance.
(B) Incorrect – To regulate users' behavior in the web and cloud environment.
Cybersecurity includes user behavior policies, but its primary goal is preventing unauthorized access rather than regulation.
(C) Correct – To prevent unauthorized access to information assets.
The core objective of cybersecurity is to prevent unauthorized access, protecting data from cyber threats.
This aligns with the CIA (Confidentiality, Integrity, Availability) security model.
(D) Incorrect – To secure application of protocols and authorization routines.
Protocols and authorization routines are part of cybersecurity controls, but they are not the primary objective.
Defines cybersecurity as the protection of information assets from unauthorized access and threats.
NIST Cybersecurity Framework – Access Control and Information Security
Focuses on preventing unauthorized access to sensitive systems.
COBIT Framework – IT Governance and Security
Emphasizes the protection of data and IT assets through cybersecurity measures.
Analysis of Answer Choices:IIA References and Internal Auditing Standards:
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit