Description should include
- explaining that the CIA triad model provides the baseline standard for evaluating and implementing information security measures on any system
- stating that each component in the CIA triad has designated goals that provide distinct requirements, and that each goal provides an essential component of information security measures
- identifying the goals within the CIA triad and defining the terms as they apply to cybersecurity
  - confidentiality―ensures that data are only accessed by authorized person(s) through security measures such as usernames and passwords and access control lists (ACL)
  - integrity―ensures the data are trusted. This means data must be guarded against unauthorized changes; methods of ensuring integrity include data permissions and encryption
  - availability―provides solutions to ensure that systems can be accessed when requested; this includes deploying system protections, proper hardware maintenance, and system patching.
Additional components should include
- authentication―process in which credentials are provided to verify the identity of an entity (e.g., user, system)
- nonrepudiation―a cryptologic technique that provides the proof of the integrity and origin of data.