COURSE 2 – CYBERSECURITY ROLES, PROCESSES & OPERATING SYSTEM SECURITY

Module 2: Examples & Principles of the CIA Triad

IBM CYBERSECURITY ANALYST PROFESSIONAL CERTIFICATE

Complete Coursera Study Guide

INTRODUCTION – Examples & Principles of the CIA Triad

This module will elucidate the significance of the CIA Triad in cybersecurity concepts and practices, outlining its components and their relevance in safeguarding digital assets.

Learning Objectives

  • Define authenticity and accountability in the context of cybersecurity
  • Define confidentiality, integrity, and availability in the context of cybersecurity and discuss their important components
  • Describe key terms and characters from the Alice and Bob cryptography scenario

FURTHER DISCUSSION OF CONFIDENTIALITY, INTEGRITY AND AVAILABILITY

1. In the Alice, Bob and Trudy examples, who is always portrayed as the intruder?

  • Alice
  • Bob
  • Natasha
  • Trudy (CORRECT)

Correct! Trudy is the intruder – in the middle between Alice and Bob.

2. Which aspect of the CIA Triad would cover preserving authorized restrictions on information access and disclosure?

  • Confidentiality (CORRECT)
  • Integrity
  • Availability

Correct! Preserving access authorization is what keeps the message confidential.

3. A message that Bob receives from Alice is genuine and can be verified as such. This demonstrates which key property?

  • Accountability
  • Availability
  • Authenticity (CORRECT)
  • Confidentiality

Correct! These properties attest to the message's authenticity.

PRINCIPLES OF THE CIA TRIAD

1. The unauthorized disclosure of information would violate which aspect of the CIA Triad?

  • Confidentiality (CORRECT)
  • Integrity
  • Availability
  • Authorization

2. Which aspect of the CIA Triad would cover ensuring information non-repudiation and authenticity?

  • Confidentiality
  • Integrity (CORRECT)
  • Availability
  • The time window during which data transmission is allowed for a given system.

3. If Trudy intercepts and reads a message that Alice is sending to Bob, and then she deletes it without allowing it to be delivered, which 2 aspects of the CIA Triad have been violated?

  • Availability & Integrity
  • Availability & Confidentiality (CORRECT)
  • Integrity & Confidentiality
  • Integrity & Authorization

WHAT IS AAA?

1. Which is the correct order for gaining access to a resource?

  • Identification, Authorization, Authentication, Accountability
  • Authentication, Identification, Authorization, Accountability
  • Identification, Authentication, Authorization, Accountability (CORRECT)
  • Accountability, Identification, Authentication, Authorization

Correct! This is the correct order.

2. Which type of method would include “Something you know”, such as a password?

  • Accountability
  • Authorization
  • Authentication (CORRECT)
  • Identification

Correct! This is part of the Authentication step.

ACCESS CONTROL

1. Which three (3) are common methods of access control?

  • Role Based Access Control (RBAC) (CORRECT)
  • Discretionary Access Control (DAC) (CORRECT)
  • Perimeter Access Control (PAC)
  • CIA Triad Access Control (CTAC)
  • Mandatory Access Control (MAC) (CORRECT)

Partially correct! RBAC assigns access based upon the roles assigned to an individual.

Partially correct! DAC requires the creator of any object to assign access controls to that object.

Partially correct! MAC is a common form that uses labels to restrict access.

2. Which three (3) items would be considered Physical Access Control methods?

  • Work areas (CORRECT)
  • Perimetral (CORRECT)
  • Building (CORRECT)
  • Password policies
  • Access Control Lists (ACL)

Partially correct! This is a physical control method.

AUTHENTICATION AND ACCESS CONTROL

1. Which statement best describes Discretionary Access Control (DAC)?

  • Limits connections to computer networks, system files and data.
  • Each object (folder or file) has an owner, and the owner defines the rights and privileges. (CORRECT)
  • Uses labels to regulate the access.
  • Limits access to campuses, buildings, rooms.

2. Which is an example of technical uses of physical security controls?

  • Tokens
  • Tramps
  • Lists and logs
  • All of the above. (CORRECT)

3. Which of the following is NOT an authentication method?

  • Something you are
  • Something you get (CORRECT)
  • Something you have
  • Something you know

4. Hamid has access to certain resources because he is a Quality Control Inspector and he has access to other resources because he is the manager of that team. Which form of access control is his company most likely using?

  • Mandatory Access Control (MAC)
  • Discretionary Access Control (DAC)
  • Role Based Access Control (RBAC) (CORRECT)
  • Hierarchical Access Control (HAC)

5. Which type of method would include something you are, such as a fingerprint?

  • Authorization
  • Accountability
  • Authentication (CORRECT)
  • Identification

CONCLUSION – Examples & Principles of the CIA Triad

In conclusion, this module has provided a thorough explanation of the CIA Triad and its crucial importance in cybersecurity. By understanding its principles and application, practitioners can better protect digital assets and enhance overall cybersecurity posture.