Apply Information Security Principles (CIA Triad)


Questions 1 - 10
1

The CIA triad in information security refers to which three core principles?

Confidentiality, Integrity, and Availability.

Compliance, Identity, and Authentication.

Cryptography, Infrastructure, and Access.

Control, Investigation, and Assurance.

Explanation

The CIA triad is the foundational model of information security comprising Confidentiality (protecting data from unauthorized access), Integrity (ensuring data is accurate and unaltered), and Availability (ensuring authorized users can access data when needed). Answer A is correct. Answers B, C, and D are fabricated acronyms that do not represent the CIA triad.

2

A ransomware attack encrypts a company's production database, making it inaccessible to authorized users. Which element of the CIA triad is most directly compromised?

Confidentiality

Availability

Integrity

Authentication

Explanation

Ransomware prevents authorized users from accessing data by encrypting it, directly attacking availability. Answer C is correct. Confidentiality (A) relates to unauthorized disclosure. Integrity (B) relates to unauthorized modification. Authentication (D) is a control mechanism, not a CIA triad component.

3

Which of the following controls most directly supports the confidentiality principle of the CIA triad?

Hash functions to verify that files have not been altered.

Encryption of sensitive data at rest and in transit.

Automated backup systems that run nightly.

Redundant power supplies to prevent system downtime.

Explanation

Encryption protects data from unauthorized disclosure by making it unreadable without the decryption key, directly supporting confidentiality. Answer D is correct. Redundant power supplies (A) support availability. Hash functions (B) support integrity. Backup systems (C) support availability.

4

A hospital's electronic health record system experiences an unplanned outage during a critical care situation. This event primarily threatens which CIA triad principle?

Confidentiality

Integrity

Availability

Authorization

Explanation

System unavailability at a time of critical need directly threatens the availability principle - the assurance that authorized users can access information when required. Answer A is correct. Integrity (B) and confidentiality (C) are not compromised by an outage alone. Authorization (D) is a control mechanism, not a CIA principle.

5

A company implements SHA-256 hash verification on software downloads to ensure the files have not been tampered with. This control primarily supports which CIA triad principle?

Integrity

Non-repudiation

Availability

Confidentiality

Explanation

Hash verification confirms that a file's content has not changed since the hash was generated, directly protecting data integrity. Answer C is correct. Availability (A) relates to system uptime. Confidentiality (B) involves restricting access. Non-repudiation (D) involves proof of origin - while related to integrity, it is not the primary CIA principle served here.

6

A distributed denial-of-service (DDoS) attack floods a company's website with traffic, causing it to become unavailable to customers. Which CIA triad principle is primarily targeted by this attack?

Integrity

Authentication

Confidentiality

Availability

Explanation

A DDoS attack overwhelms systems to prevent legitimate users from accessing services, directly targeting availability. Answer D is correct. Confidentiality (A) and integrity (B) are not compromised by a DDoS attack. Authentication (C) is a control mechanism, not a CIA principle.

7

A financial institution discovers that an attacker intercepted and modified wire transfer instructions during transmission, changing the destination account. Which CIA triad principle was violated?

Availability

Non-repudiation

Integrity

Confidentiality

Explanation

Modifying data in transit (a man-in-the-middle attack altering transaction data) violates data integrity - the assurance that data has not been improperly changed. Answer B is correct. Availability (A) is not affected. Confidentiality (C) may also be affected if data was read, but the primary violation from modification is integrity. Non-repudiation (D) relates to proof of actions.

8

Which of the following scenarios represents a violation of the confidentiality principle?

A payroll file is corrupted due to a software bug, causing incorrect amounts.

An authorized user accidentally deletes critical financial records.

A database server crashes and becomes unreachable for four hours.

An unauthorized employee accesses and reads confidential merger documents stored on a shared drive.

Explanation

Unauthorized access to and reading of confidential documents is a confidentiality violation - sensitive information is disclosed to someone not authorized to view it. Answer C is correct. Server crash (A) is an availability issue. File corruption (B) is an integrity issue. Accidental deletion (D) is primarily an integrity/availability issue.

9

A company implements an intrusion detection system (IDS) that monitors network traffic for suspicious activity and alerts the security team. This control primarily supports which CIA triad principle(s)?

Availability only, since IDS primarily prevents denial-of-service attacks.

Integrity only, since IDS monitors data transmission accuracy.

Confidentiality only, since IDS detects unauthorized access attempts.

All three - it can detect attacks on confidentiality, integrity, and availability.

Explanation

An IDS monitors for a wide range of attacks - unauthorized access (confidentiality), data modification (integrity), and service disruption (availability) - supporting all three CIA principles. Answer A is correct. Limiting IDS to one principle (B, C, or D) understates its broad security monitoring scope.

10

Which of the following controls most directly supports the availability principle of the CIA triad?

Multi-factor authentication for all user logins.

Digital signatures on outgoing emails.

Redundant data centers with automatic failover capabilities.

Encryption of all data stored on company servers.

Explanation

Redundant data centers with failover ensure that systems remain accessible even if one location fails, directly supporting availability. Answer D is correct. MFA (A) supports authentication and confidentiality. Encryption (B) supports confidentiality. Digital signatures (C) support integrity and non-repudiation.

Page 1 of 3