real CIA triad Flashcards
(7 cards)
what is it
combination of principles
the fundamentals of security
sometimes referenced as the AIC triad
what is the C
confidentiality
prevent disclosure of info to unauthorized individuals or systems
what is the I
integrity
messages can’t be modified without detection
what is the A
availability
systems and networks must be up and running
confidentiality
certain info should only be known by certain people
encryption
- encode messages so only certain people can read them
access controls
- selectively restrict access to a resource
two factor authentication
- additional confirmation before info is disclosed
integrity
data is stored and transferred as intended
- any modification to the data would be identified
hashing
- map data of an arbitrary length to data of a fixed length
digital signatures
- math scheme to verify the integrity of data
certifications
- combine with a digital signature to verify an individual
non repudiation
- provides proof of integrity; can be asserted to be genuine
availability
info is accessible to authorized users
- always at your fingertips
redundancy
- build services that will always be available
fault tolerance
- system will continue to run even when failure occurs
patching
- stability
- close security holes