CIA Flashcards
Confidentiality
We ensure no one unauthorized can access the data
Integrity
We ensure the data has not been altered
Availability
We ensure authorized people can access the data they need, when they need to.
For data at rest we use
Encryption
For data in motion we use
Secure transport protocols(SSL, TLS , or IPSEC)
For data in use we use
Best practices - clean desk, no shoulder surfing
Confidentiality Threats
Attacks on your encryption Social engineeting Key loggers cameras Steganography.
Integrity - we Use
Cryptography Check sum Message Digests(hash) Digital Signatures Access Control.
Integrity threats
Alterations of our data
Code injections
Attacks on your encryption.
Availability - we use
IPS/IDS
Patch Management
Redundancy on hardware power, disks, traffic paths, hvac.
SLA’s
Availability - Threats
Malicious attacks
Applcation failures
Component failure
To much Confidentiality and the ______ can suffer
Availability
To much Integrity and the ______ can suffer
Availability
To much Availability and both the ______ and ______ can suffer.
Confidentiality and Integrity