What is the CIA triad in Security+?
D1 · General · CompTIA Security+ SY0-701
The CIA triad is the foundational model of information security. It stands for:
🔵 Confidentiality – Only authorized users can access the data. Controls: encryption, access controls, need-to-know.
🟢 Integrity – Data has not been altered without authorization. Controls: hashing (SHA-256), digital signatures, file monitoring.
🟡 Availability – Systems and data are accessible when needed. Controls: redundancy, backups, DDoS mitigation, UPS.
Ransomware attacks Availability. Data theft attacks Confidentiality. A rogue employee modifying records attacks Integrity. Know which pillar each attack targets.