CIA Triad Flashcards
What is the CIA Triad?
The CIA Triad is a fundamental information security model consisting of 3 core principles: Confidentiality, Integrity, and Availability.
Define Confidentiality in the context of the CIA Triad.
Ensures that sensitive data is accessed only by authorized individuals.
Give an example of Confidentiality.
Personal information, passwords, or credit card details should only be visible to authorized users.
List vulnerabilities affecting Confidentiality.
- Data breaches
- SQL Injection (SQLi)
- Broken Access Control
Define Integrity in the context of the CIA Triad.
Ensures that data is accurate, consistent, and unaltered.
Give an example of Integrity.
A bank transaction should not be altered in transit.
List vulnerabilities affecting Integrity.
- Man-in-the-Middle (MitM) Attacks
- Cross-Site Scripting (XSS)
- Broken Authentication
Define Availability in the context of the CIA Triad.
It guarantees authorized users have reliable access to information when needed.
Give an example of Availability.
A website should remain online and functional even during high traffic.
List vulnerabilities affecting Availability.
- Denial of Service (DoS) / Distributed Denial of Service (DDoS) Attacks
- Ransomware
- Hardware Failures
How does a data breach relate to the CIA Triad?
It threatens Confidentiality.
How do tampered transactions relate to the CIA Triad?
They threaten Integrity.
How does a website going offline relate to the CIA Triad?
It threatens Availability.
How can you protect Confidentiality?
Encryption, access control, multi-factor authentication, secure communication (VPN)
How can you protect Integrity?
Checksums, digital signatures, version control
How can you protect Availability?
Redundancy, backup, disaster recovery plans, load balancing