The CIA Triad

Master the three core objectives of any cybersecurity program.

Why the Triad?

Every security tool, policy, or architecture exists to support one of these three things. Think of it as the Standard Operating Environment for every security decision you will ever make.

Objective 01

Confidentiality

Ensuring that sensitive information is only accessible to those authorized to see it. It's about keeping secrets secret.

Key Concepts

  • Authentication: Proving you are who you say you are (MFA).
  • Authorization: Granting the right permissions (RBAC).
  • Symmetric Encryption: Using a single secret key to both lock (scramble) and unlock (descramble) data.

The "Clear Text" Analogy: Without encryption, your data is like a postcard that anyone can read. Encryption turns it into a locked envelope that only the key-holder can open.

Objective 02

Integrity

Ensuring data is accurate, consistent, and hasn't been tampered with. It's about keeping data accurate.

Key Concepts

  • Syslogs: Records of activity. Bad actors often try to delete these to hide their modifications.
  • Cryptographic Functions: Using Digital Signatures or MACs to detect even a tiny change in a record.
  • Blockchain: A distributed ledger that is "immutable"—once something is recorded, it can never be changed or deleted.
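
An added example (not part of the original page) tying the Syslogs and Cryptographic Functions items together: each log line gets a MAC that also covers the previous line's tag, so an edited, deleted, or cut-off entry is detected. The key, the sample log lines, and all function names are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"   # assumption: the real key lives off the logging host
GENESIS = b"\x00" * 32          # fixed starting value for the chain

def _tag(key, prev_tag, record):
    # prev_tag is always 32 bytes, so prev_tag + record is unambiguous
    return hmac.new(key, prev_tag + record.encode(), hashlib.sha256).digest()

def seal(records, key=KEY):
    """Attach to each record a MAC over (previous tag + record)."""
    sealed, prev = [], GENESIS
    for rec in records:
        prev = _tag(key, prev, rec)
        sealed.append((rec, prev))
    return sealed

def first_bad_index(sealed, anchor, key=KEY):
    """Index of the first entry failing verification, len(sealed) if the
    tail was cut off (final tag != anchor), or None if the log is intact."""
    prev = GENESIS
    for i, (rec, tag) in enumerate(sealed):
        if not hmac.compare_digest(_tag(key, prev, rec), tag):
            return i
        prev = tag
    return None if hmac.compare_digest(prev, anchor) else len(sealed)

# Constructed sample log lines
LOG = [
    "09:00:01 sshd: accepted login for alice",
    "09:00:07 sudo: alice ran /usr/bin/vim /etc/passwd",
    "09:00:30 sshd: session closed for alice",
]

def demo():
    sealed = seal(LOG)
    anchor = sealed[-1][1]                 # last tag, kept somewhere else
    edited = list(sealed)
    edited[1] = (edited[1][0].replace("passwd", "motd"), edited[1][1])
    deleted = sealed[:1] + sealed[2:]      # middle entry removed
    truncated = sealed[:2]                 # tail removed
    return {
        "intact": first_bad_index(sealed, anchor),
        "edited": first_bad_index(edited, anchor),
        "deleted": first_bad_index(deleted, anchor),
        "truncated": first_bad_index(truncated, anchor),
    }

if __name__ == "__main__":
    print(demo())
```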

Objective 03

Availability

Ensuring systems and data are ready for use when authorized users need them. It's about keeping systems online.

Threats to Availability

  • DoS: A single computer flooding a server with traffic.
  • DDoS: A "Botnet" of hijacked computers acting as a force multiplier to crash a server.
  • SYN Flood: Exploiting the TCP "Handshake." The attacker asks to talk but never finishes the greeting, tying up all the server's resources.

Dictionary

  • RBAC: Role-Based Access Control. Giving permissions based on a job title rather than a specific person.
  • Ciphertext: The scrambled, unreadable version of data after encryption.
  • Botnet: A network of "zombie" computers controlled by a hacker to launch massive attacks.
  • TCP Handshake: The 3-step process (SYN, SYN-ACK, ACK) computers use to start a conversation.
  • MAC: Message Authentication Code. A small tag used to confirm that a message hasn't been altered.
