CIA Triad Flashcards
What is the CIA triad?
A model that helps inform how organizations consider risk when setting up systems and security policies. It consists of three elements: confidentiality, integrity, and availability.
What is confidentiality?
The idea that only authorized users can access specific assets or data. It can be enhanced through principles like least privilege, which limits users’ access to only the information they need for work-related tasks.
What is integrity?
The idea that data is verifiably correct, authentic, and reliable. It can be maintained through methods like cryptography and encryption to prevent unauthorized access or tampering.
What is availability?
The idea that data is accessible to those who are authorized to use it.
For example, allowing remote employees to access an internal network while still maintaining appropriate access limitations.
What is security posture?
An organization’s ability to manage its defense of critical assets and data and react to change.
What is encryption?
The process of converting data from a readable format to an encoded format. It can be used to prevent unauthorized access and ensure data cannot be tampered with.
What is the principle of least privilege?
A security principle that limits users’ access to only the information they need to complete their work-related tasks.
