
Goals of Cyber Security

Goals of Cyber Security: In this article, we are going to learn about the important goals of Cyber Security.
Submitted by Vanka Manikanth, on March 17, 2020

This section provides a deep understanding of the foundation of security through the well-known CIA triad. No, it is not the Central Intelligence Agency: here CIA stands for Confidentiality, Integrity, and Availability. To avoid confusion, we can refer to it as the AIC triad.

The CIA triad is the most common principle used to assess, select, and implement the proper security controls to reduce risk.

1) Confidentiality

Making sure that your sensitive information is accessible only to authorized users and ensuring no data is disclosed to unintended ones. For example, your password is confidential and should not be shared with anyone who might exploit it, which would eventually hamper confidentiality.

Methods to ensure Confidentiality:

  1. Data encryption
  2. Two-factor or multifactor authentication
  3. Biometric verification

2) Integrity

Ensuring that all your data is accurate and reliable, and that it is not altered in transmission from one point to another.

Methods to ensure Integrity:

  1. No unauthorized user shall have access to delete files, which would also breach confidentiality. So, there shall be user access controls.
  2. Proper backups must be available so that data can be restored immediately.
  3. Version control must be in place so that the log shows who has modified the data.

3) Availability

Whenever a user requests a resource or a piece of information, it must not be blocked by an attack such as Denial of Service (DoS). All the information has to be available. For example, if a website falls into the hands of hackers, resulting in a DoS, availability is hampered.

Methods to ensure Availability:

  1. Spare equipment, such as firewalls and proxy servers, that can take over and guard during downtime.
  2. Storing backups at a geographically isolated location.
  3. Having a disaster recovery (DR) plan.

Multiple-choice questions & answers


2) A DoS attack comes under
  1. Integrity
  2. Man in the middle attack
  3. Availability breach

3) Data encryption methodology comes under?
  1. Integrity
  2. DoS attack
  3. Confidentiality

4) A and B are having a business chat, and C sits in the middle, changing the responses from both and sending his own data. Which principle is being hampered here?
  1. Confidentiality
  2. Integrity
  3. Authorization

5) Assume that your Instagram account has fallen into a hacker's hands. They have posted some objectionable content, and you are unable to log in because they changed your password and all the security questions used to recover your account. Under which of the following principles can the attack be considered?
  1. Confidentiality
  2. Integrity
  3. Confidentiality, Integrity, and Availability

6) ________ means your password cannot be accessed by unauthorised users
  1. Confidentiality
  2. Integrity
  3. Authenticity

7) Sensitive employee information has been leaked by an ex-employee through a flaw existing in an application.
  1. Personal data is an asset
  2. The ex-employee is an asset
  3. The medium used by the hacker is an asset

8) A threat agent floods an application with traffic so that the application cannot be accessed. Which principle does this come under?
  1. Availability
  2. Integrity
  3. Request Handling


10) Authentication means
  1. Provided accessible permission
  2. Set of rules to validate the given credentials
  3. None of the Above








Copyright © 2024 www.includehelp.com. All rights reserved.