Phishing is a common IT security threat that deceives individuals into providing sensitive information, often through fake emails or websites. It specifically targets personal data, making it the correct answer.

The correct answer is 'Denial of Service' (DoS), which is a network-based threat that floods a system with excessive traffic, rendering it unavailable to users. Other options like spyware and ransomware serve different malicious purposes.

The primary goal of information security is to protect data confidentiality, integrity, and availability, ensuring that sensitive information is safeguarded against unauthorized access, alteration, and loss.

The General Data Protection Regulation (GDPR) is a key legal requirement in the UK that mandates strict data protection and privacy measures, directly impacting the security of IT systems handling personal data.

A security breach can lead to significant loss of customer trust, as clients may feel their data is not safe. This often results in financial loss due to decreased sales and potential legal costs, making it the most impactful consequence.

Confidentiality is the principle that ensures only the intended recipient can read a message, protecting it from unauthorized access. This is crucial for secure communication.

Symmetric encryption uses the same key for both encryption and decryption, making it efficient for secure data transmission. In contrast, asymmetric encryption uses a pair of keys, and hashing is a one-way function, not for encryption.