A database holding sensitive customer data is

Solution

The confidentiality principle ensures that sensitive information is only accessible to authorized users. Data exfiltration violates this principle, as attackers accessed private customer information without permission. Maintaining confidentiality involves: 1. Encryption to secure data at rest and in transit. 2. Access controls to restrict unauthorized users. 3. Regular audits to identify potential vulnerabilities. Since the attackers didn’t alter the data, integrity and availability remain intact, making confidentiality the primary concern. Why Other Options Are Incorrect: • B) Integrity: Incorrect because the data wasn’t modified. • C) Availability: The system remained operational and accessible. • D) Authentication: Focuses on verifying user identity but isn’t directly violated here. • E) Non-repudiation: This principle isn’t relevant to data theft scenarios.