Chapter 2 Β· Quiz

CIA Triad Quiz

Multiple choice, matching, analysis, and evaluation questions.

Part A β€” Multiple Choice

Q1
Which CIA principle does encryption primarily protect?
βœ… Correct: C β€” Confidentiality. Encryption encodes data so only authorized parties can read it. It prevents unauthorized disclosure β€” the core goal of confidentiality.
Q2
An attacker intercepts a file during transmission and modifies its contents before it reaches the recipient. Which CIA principle is MOST directly violated?
βœ… Correct: C β€” Integrity. The file was modified in transit β€” the data is no longer exactly as the sender intended. Hashing or digital signatures would have detected this alteration.
Q3
Fault tolerance and redundancy are mechanisms that primarily support which CIA principle?
βœ… Correct: D β€” Availability. Fault tolerance and redundancy ensure systems keep running even when components fail β€” maintaining access for authorized users.
Q4
A DDoS attack floods a company's web server, making its website inaccessible. Which CIA principle is violated?
βœ… Correct: C β€” Availability. A DDoS attack denies access to authorized users without necessarily exposing or modifying any data.
Q5
Why is the CIA Triad sometimes called the AIC Triad?
βœ… Correct: B. The AIC name avoids ambiguity with the intelligence agency. The principles and meaning are identical β€” only the order differs.

Part B β€” Matching

Match each mechanism to its primary CIA principle.

MECHANISM

Hashing
Redundancy
Encryption
Two-Factor Authentication

CIA PRINCIPLE

Integrity
Availability
Confidentiality
Confidentiality

Part C β€” Analysis

Q6 β€” Analyze
A company's security architecture includes strong encryption and access controls but has no backup systems, no patching schedule, and a single-server infrastructure. Which CIA pillar is most at risk and what is the likely consequence?
βœ… Best Answer: C β€” Availability. The company has invested in confidentiality but completely neglected availability. No redundancy means one hardware failure = total outage. Unpatched systems are prime targets for ransomware β€” the ultimate availability attack.

Part D β€” Evaluation

Q7 β€” Evaluate
A security team argues that Confidentiality is the most important CIA pillar for a healthcare organization. A second team argues Availability is more critical because doctors need patient data in emergencies. Who is correct?
βœ… Best Answer: C. In healthcare, ALL three matter critically: Confidentiality (patient privacy / HIPAA), Integrity (wrong medication data could kill patients), Availability (inaccessible records in an emergency = fatal). The CIA Triad is a balance β€” overemphasizing one at the expense of others creates dangerous vulnerabilities.
0/7
Questions Answered Correctly