(A) Incorrect — screenshots do not modify the original records; the data remained intact in the EHR system.

(B) Incorrect — the celebrity can still access their records; availability was not impacted.

(D) Incorrect — non-repudiation is not one of the three CIA Triad properties.

(A) Incorrect — while the attacker may have viewed the data, the question asks about the alteration specifically.

(B) Incorrect — the encryption affected availability, but the question asks about the data modification.

(D) Incorrect — submitting claims to insurers is a normal business process, not unauthorized disclosure.

(A) Incorrect — using paper protocols in an emergency is standard procedure, not an unauthorized disclosure.

(B) Incorrect — the scenario states the servers went offline; it does not mention data corruption.

(D) Incorrect — potential transcription errors are a separate concern, not the primary CIA violation described.

(A) Incomplete — ignores the data modification and account lockout.

(B) Incomplete — ignores the account lockout that prevented access.

(C) Incomplete — ignores the unauthorized download of 500 patient records.

(A) Incorrect — the data itself was not modified; it was displayed to the wrong person.

(B) Incorrect — Patient B could still use the system; the issue is WHO saw the data, not whether access was available.

(D) Incorrect — CIA violations occur regardless of intent. Accidental disclosure is still a confidentiality breach.

(A) Partially correct — encryption protects confidentiality, but the question asks about the primary purpose of the overall backup strategy.

(B) Incorrect — standard backup processes copy data; integrity verification requires additional mechanisms like checksums or write-once storage.

(D) Incorrect — while backups touch multiple properties, the PRIMARY purpose of offsite backup is availability/recovery.