CIA Triad: Principles of Information Security Flashcards
CIA Triad: Principles of Information Security (20 cards)
What does the CIA Triad stand for in cybersecurity?
Confidentiality, Integrity, and Availability.
What is the goal of Confidentiality in cybersecurity?
To ensure that information is only accessible to authorized users.
What is the primary purpose of Integrity in information security?
To protect information from being altered or tampered with.
What does Availability ensure in the context of the CIA Triad?
That data and systems are accessible when needed by authorized users.
Give an example of a confidentiality control.
Encryption of sensitive files.
What is a common threat to Integrity?
Unauthorized data modification or file corruption.
How does a DDoS attack affect the CIA Triad?
It impacts Availability by overwhelming resources and making services unavailable.
How does a strong password help with Confidentiality?
It prevents unauthorized access to information.
What is a hash function primarily used for in the CIA Triad?
Ensuring Integrity by verifying that data has not changed.
Which part of the CIA Triad does backup and disaster recovery support?
Availability – ensuring data can be restored and accessed after incidents.
Why is access control important for Confidentiality?
It limits access to data only to those who are authorized.
What role do digital signatures play in the CIA Triad?
They support Integrity and also Authentication.
What CIA Triad principle does file permissions enforce?
Confidentiality.
How do firewalls help enforce the CIA Triad?
By restricting access (Confidentiality) and protecting availability.
What type of attack violates Confidentiality?
Eavesdropping or man-in-the-middle (MITM) attacks.
What type of control supports data Integrity during file transfer?
Checksums or cryptographic hashes.
What is the impact of ransomware on the CIA Triad?
It affects all three: encrypts files (Confidentiality), corrupts them (Integrity), and denies access (Availability).
Which CIA Triad principle is impacted when a system crashes unexpectedly?
Availability.
How do redundant systems support Availability?
They ensure services remain accessible even if one system fails.
What is the consequence of failing to enforce Confidentiality in a SOC?
Data leaks or breaches exposing sensitive information.
