Security Operations and Administration Flashcards
Limits are placed on who is allowed to view information, including copying it to another form.
Confidentiality
The information stays complete and correct when retrieved, displayed, or acted upon.
Integrity
The information is presented to the user in a timely manner when required and in a form and format that meets the user’s needs.
Availability
Only previously approved, known, and trusted users or processes have been able to create, modify, move or copy the information.
Authenticity
The content of the information, its form and content, and its presentation or delivery to the user meets the user’s needs.
Utility
The information is legally owned or held by a known, authorized user, such that the user has authority to exert control over its use, access, modification, or movement.
Possession or Control
The System and its information, by design, do not cause unauthorized harm or damage to others, their property, or their lives
Safety
Information that attests to or relates to the identity of a person, or links specific activities to that identity, must be protected from being accessed, viewed, copied, modified, or otherwise used by unauthorized persons or systems.
Privacy
User who created, used, viewed, or accessed the information, or shared it with others, cannot later deny that they did so.
Nonrepudiation
The information can be reviewed, audited, and made visible or shared with competent authorities for regulatory, legal, or other processes that server the public good.
Transparency
Confidentiality, Integrity, and availability
CIA Triad
Confidentiality, integrity, availability, nonrepudiation, and authentication
CIANA
Confidentiality, integrity, availability, nonrepudiation, authentication, privacy, and security
CIANA+PS
Confidentiality, integrity, availability, authenticity, utility, and possession or control
Parkerian Hexad
Information that you have, own, or create, and that you share with someone else with the agreement that they cannot share that knowledge with anyone else without your consent or without due process of law.
Privileged Information