Module 2 - 02-2 Flashcards
The CIA Triad: Confidentiality, Integrity, and Availability
Define Security Posture
An organization’s ability to manage its defense of critical assets and data and react to change
What is a core security model?
CIA Triad
What does CIA stand for?
i. Confidentiality
ii. Integrity
iii. Availability
Define CIA Triad
A model that helps inform how organizations consider risk when setting up systems and security policies
Define Confidentiality
Only authorized users can access specific assets or data
What design principle can be implemented in an organization to enhance Confidentiality?
Principle of Least Privilege
Define the Principle of Least Privilege
Limits users’ access to only the information they need to complete work-related tasks
Define Integrity
The data is correct, authentic, and reliable
What is an example of a way to verify data Integrity?
Cryptography
Define Cryptography
To transform data so unauthorized parties cannot read or tamper with it (NIST, 2022)
What is an example of how an organization might implement Integrity?
By enabling Encryption
Define Encryption
The process of converting data from a readable format to an encoded format
Define Availability
The data is accessible to those who are authorized to access it
The CIA triad is a model that helps inform how organizations consider _____ when setting up systems and security policies.
access
assets
data
risk
risk
Match each CIA triad component to the correct scenario: You must use two-factor authentication before signing into an employee portal.
CIA triad component
Confidentiality
Integrity
Availability
Confidentiality