The CIA Triad

Choose a study mode

Play Quiz

Study Flashcards

Spaced Repetition

Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following best describes confidentiality in the context of the CIA triad?

The assurance that information is trustworthy and accurate
A set of rules that limits access to information (correct)
A guarantee of reliable access to information
The protection of sensitive business information

What does the Parkerian Hexad principle of authenticity refer to?

The protection of sensitive business information
The truth of the claim of origin or authorship of information (correct)
The usefulness of information
The loss of control or possession of information

What is the purpose of information security?

To limit access to information
To ensure the reliability and accuracy of information
To protect sensitive business information from modification, disruption, destruction, and inspection (correct)
To provide availability of information

Which of the following is an example of a fabrication threat?

Log / Audit Trail Falsification (C) Signup and view all the answers

What is the difference between a modification attack and a fabrication attack?

A modification attack attacks the authenticity of the system, while a fabrication attack attacks the integrity of the system. (A) Signup and view all the answers

What is the Risk Management Framework used for?

To identify, eliminate, and minimize risks in a company's environment. (D) Signup and view all the answers

Which of the following best describes the principle of possession or control in the Parkerian Hexad?

Loss of control or possession of information involving the breach of confidentiality (B) Signup and view all the answers

What is the purpose of the CIA triad?

To provide confidentiality, integrity, and availability of information (A) Signup and view all the answers

What does information security refer to?

The processes and tools designed and deployed to protect sensitive business information (B) Signup and view all the answers

Which of the following is an example of a fabrication attack?

Log / Audit Trail Falsification (B) Signup and view all the answers

What is the difference between a modification attack and a fabrication attack?

A modification attack modifies the assets of the system, while a fabrication attack inserts counterfeit objects into the system. (A) Signup and view all the answers

What is the purpose of the Risk Management Framework?

To identify, eliminate and minimize risks in a company's environment. (D) Signup and view all the answers

Flashcards are hidden until you start studying

Study Notes

CIA Triad

Confidentiality refers to the protection of sensitive information from unauthorized access, use, disclosure, disruption, modification, or destruction.

Parkerian Hexad

The principle of authenticity refers to the assurance that data is genuine and tamper-free.
The principle of possession or control refers to the ability to control and manage access to data and resources.

Information Security

The purpose of information security is to protect information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Threats

A fabrication threat is an example of an unauthorized creation of data or logs, such as inserting fake transactions into a database.
A modification attack involves altering data in an unauthorized manner, whereas a fabrication attack involves creating new data or logs.

Risk Management Framework

The Risk Management Framework is used to manage and mitigate risks to an organization's information systems.
The purpose of the Risk Management Framework is to identify, assess, and prioritize risks, and to implement controls and countermeasures to mitigate those risks.