0 / 16 flipped
CIA Triad
Tap to reveal
Confidentiality, Integrity, Availability β the three foundational principles of information security.
AIC Triad
Tap to reveal
Same as CIA Triad (Availability, Integrity, Confidentiality). Alternative name used to avoid confusion with the Central Intelligence Agency.
Confidentiality
Tap to reveal
Only authorized individuals can access data. Prevents unauthorized disclosure. Protected by encryption, access controls, and 2FA.
Integrity
Tap to reveal
Data is stored and transferred exactly as intended. Any modification is detectable. Protected by hashing, digital signatures, certificates.
Availability
Tap to reveal
Systems and data are accessible to authorized users whenever needed. Protected by redundancy, fault tolerance, and patching.
Encryption
CIA pillar?
Confidentiality. Encodes data so only parties with the correct key can read it. Protects data in transit and at rest from unauthorized viewing.
Access Control
CIA pillar?
Confidentiality. Restricts which users can reach which resources. Role-based, permission-based, or attribute-based.
Two-Factor Authentication
CIA pillar?
Confidentiality. Requires a second verification factor, reducing risk of unauthorized access even if credentials are stolen.
Hashing
CIA pillar?
Integrity. Creates a fixed-length fingerprint of data. Any change to data = different hash. Does NOT prove who sent the data.
Digital Signature
CIA pillar?
Integrity. Mathematical scheme using private/public keys to verify both data integrity AND sender identity. Provides non-repudiation.
Non-Repudiation
CIA pillar?
Integrity. Proof that a specific action occurred and the responsible party cannot deny it. Provided by digital signatures.
Redundancy
CIA pillar?
Availability. Duplicate systems or components ensure service continues if one fails. Examples: RAID, load balancing, backup ISPs.
Fault Tolerance
CIA pillar?
Availability. System continues operating even when a component fails. Closely related to redundancy β uses backup components automatically.
Patching
CIA pillar?
Availability. Applying software updates improves stability and closes security holes that attackers exploit to cause outages.
DDoS Attack
Which CIA pillar violated?
Availability. Floods a system with traffic to prevent legitimate users from accessing it. Does not expose or modify data directly.
Data Exfiltration
Which CIA pillar violated?
Confidentiality. Unauthorized copying or transfer of data to an outside party. Data is disclosed to someone who should not have it.