Back to Security and Risk Management

Confidentiality, Integrity, and Availability (CIA) Triad

5 minutes 5 Questions

The CIA Triad is a widely accepted security model that considers three key principles that are crucial for information security: Confidentiality, Integrity, and Availability. Confidentiality ensures that sensitive information is kept secret and only accessible to authorized users. Privacy policies,…

Test mode:
Start practice test
CISSP - Confidentiality, Integrity, and Availability (CIA) Triad Example Questions

Test your knowledge of Confidentiality, Integrity, and Availability (CIA) Triad

Question 1

A financial institution is implementing a new system to allow customers access to their account balance. Which security control best ensures the availability of this service?

Correct Answer: Redundancy

Redundancy ensures the availability of a service by providing backup systems or resources in case of failure. Encryption and digital signatures provide confidentiality and integrity but not availability. Directory access control and VPN are related to access while IPS focuses on detecting/preventing unauthorized access.

Question 2

An organization employs a sales team equipped with mobile devices storing sensitive client data. Which security measure is the best solution to protect the stored data?

Correct Answer: Encryption

Encryption is the best choice because it ensures the confidentiality of sensitive data on mobile devices. Antivirus, IDS, and firewall focus on preventing unauthorized access and cannot protect the data stored on a device. While multifactor authentication provides additional security, it cannot guarantee data protection if unauthorized users bypass it.

Question 3

After a natural disaster, a company found their offsite backup location completely destroyed. What could have been done better to ensure the availability of their data?

Correct Answer: Geographically distribute backups across multiple locations

Geographically distributing backups across multiple locations ensures availability by providing redundancy, even in the case of a local disaster. The other options are not directly related to protecting backup data availability; they address aspects like confidentiality, access management, and network security.

More Confidentiality, Integrity, and Availability (CIA) Triad questions
54 questions (total)
Start 54 question test