Ans. (A), (B) and (C) are correct.
First of all, in real world terms, privacy invasion is a threat to privacy not security. Privacy and security are two different things. To get clarity check out this link. In fact, it is possible to provide more national security with more privacy invasion.
Back to world of information, data and computers:
Here privacy invasion, in the form of access of personal data, is a threat to data security.
Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled. Data security helps to ensure privacy or helps in protecting personal data. Thus, data security is about confidentiality, availability and integrity of data.
While, data privacy is defined as the appropriate use of data. When companies and merchants use data or information that is provided or entrusted to them, the data should be used according to the agreed purposes. The Federal Trade Commission enforces penalties against companies that have negated to ensure the privacy of a customer's data. Companies Ensure Data Privacy with the Help of a Data Security Policy. In some cases, companies have sold, disclosed or rented volumes of the consumer information that was entrusted to them to other parties without getting prior approval. This breach of trust and privacy is called Privacy Invasion.
The data security is facing the following top 5 major threats:
1. Data missing
In the field of information technology, data missing refers to the unforeseen loss of data or information. An occurrence of data loss can be called a Data Loss Event and there are several possible root causes. Backup and recovery schemes are developed to restore lost data.
Causes the data missing the reason to include:
Intentional Action - Intentional deletion of a file or program.
Unintentional Action - Accidental deletion of a file or program, Misplacement of CDs or floppies, Administration errors, Inability to read unknown file format.
Failure - Power failure, resulting in data in volatile memory not being saved to permanent memory. Hardware failure, such as a head crash in a hard disk. A software crash or freeze, resulting in data not being saved.
Software bugs or poor usability, such as not confirming a file delete command. Business failure (vendor bankruptcy), where data is stored with a software vendor using Software-as-a-service and SaaS data escrow has not been provisioned. Data corruption, such as file system corruption or database corruption.
Disaster - Natural disaster, earthquake, flood, tornado, fire, etc.
2. Network attack
For system vulnerabilities and software bug attacks carried out mainly distributed denial of service attacks, using buffer overflow attacks.
3. Virus or Trojan
A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.
Trojan horses are designed to allow a hacker remote access to a target computer system. Once a Trojan horse has been installed on a target computer system, it is possible for a hacker to access it remotely and perform various operations on data. The operations that a hacker can perform are limited by user privileges on the target computer system and the design of the Trojan horse.
4. Password theft
Data or disk file encryption and decryption is an important means of data protection, so by way of stealing passwords or illegal access to confidential data and information on the computer is a data security threat.
5. Human factors
Interpersonal deception, revenge, etc., inadvertently leads to data security threats and the most vulnerable situation.
