Objective 1.2 | Critical Priority | 10 min read

CIA Triad

The three foundational pillars of information security: Confidentiality (preventing unauthorized disclosure), Integrity (preventing unauthorized modification), and Availability (ensuring authorized access when needed).

Understanding CIA Triad

The CIA Triad is the foundation of all information security. Every security control, every policy, every decision ultimately serves one or more of these three principles: Confidentiality, Integrity, and Availability.

Confidentiality ensures that information is only accessible to those authorized to see it. Encryption, access controls, and data classification all serve confidentiality.

Integrity ensures that information hasn't been tampered with or modified without authorization. Hashing, digital signatures, and change detection serve integrity.

Availability ensures that information and systems are accessible when authorized users need them. Redundancy, backups, and disaster recovery serve availability.

These three principles often create tension. Maximum confidentiality (encrypt everything, restrict all access) can hurt availability. Maximum availability (open access, no restrictions) destroys confidentiality. Security professionals balance these competing needs based on business requirements.

Why This Matters for the Exam

The CIA Triad appears throughout the entire Security+ exam. For any scenario question, asking "which CIA principle is at risk?" helps identify the correct answer.

CompTIA uses the CIA Triad as a framework for categorizing security concerns. Questions might ask which principle is violated by a specific attack, or which principle a specific control protects. Understanding CIA helps you think like the exam writers.

This concept also connects to real-world security decisions. When prioritizing security investments, understanding whether you're protecting confidentiality, integrity, or availability helps justify decisions and allocate resources appropriately.

Deep Dive

Confidentiality - Preventing Unauthorized Disclosure

Confidentiality means keeping secrets secret. Only authorized parties should access sensitive information.

Threats to Confidentiality:

  • Data breaches and leaks
  • Eavesdropping and interception
  • Social engineering attacks
  • Unauthorized access
  • Shoulder surfing and dumpster diving

Controls Protecting Confidentiality:

  • Encryption (data at rest and in transit)
  • Access control lists (ACLs)
  • Authentication mechanisms
  • Data classification and labeling
  • Physical security (locks, badges)
  • Privacy screens and secure disposal
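The ACL and data classification controls above, shown together as an added worked example (this is not code from the original page): a read request is allowed only if the subject's clearance is at least the resource's label AND an ACL entry for the user or one of their groups explicitly grants read. Everything else is denied by default. The users, groups, labels and the payroll file are constructed for illustration.

```python
"""Classification labels plus an ACL, checked deny-by-default.

Constructed example: the users, groups and documents below are made up."""
from dataclasses import dataclass

# Ordered classification levels. A subject may read a resource only if the
# subject's clearance is at least the resource's label ("no read up").
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: str
    groups: frozenset = frozenset()


@dataclass(frozen=True)
class Resource:
    name: str
    classification: str
    acl: dict  # principal ("alice" or "group:finance") -> set of permissions


def acl_grants(subject: Subject, resource: Resource, permission: str) -> bool:
    """True only if an ACL entry for the user or one of their groups lists the
    permission. No matching entry means denied; there is no implicit allow."""
    principals = {subject.name} | {f"group:{g}" for g in subject.groups}
    return any(permission in resource.acl.get(p, set()) for p in principals)


def can_read(subject: Subject, resource: Resource) -> bool:
    """Both controls must pass: the label check stops an over-generous ACL entry
    from leaking higher-classified data, and the ACL stops a cleared user with
    no need-to-know from reading everything at their level."""
    clearance_ok = LEVELS[subject.clearance] >= LEVELS[resource.classification]
    return clearance_ok and acl_grants(subject, resource, "read")


def decide(subject: Subject, resource: Resource):
    """Decision plus the reason, the form you would want in an audit log."""
    if LEVELS[subject.clearance] < LEVELS[resource.classification]:
        return ("deny", "clearance below classification")
    if not acl_grants(subject, resource, "read"):
        return ("deny", "no ACL entry grants read")
    return ("allow", "clearance and ACL both satisfied")


# Constructed sample data (hypothetical users and file)
PAYROLL = Resource("payroll-2024.xlsx", "confidential",
                   {"group:finance": {"read", "write"}, "bob": {"read"}})

ALICE = Subject("alice", "secret", frozenset({"finance"}))  # cleared and in finance
BOB = Subject("bob", "internal")                             # ACL grants read, but under-cleared
CAROL = Subject("carol", "secret")                           # cleared, but no need-to-know

if __name__ == "__main__":
    for s in (ALICE, BOB, CAROL):
        print(s.name, decide(s, PAYROLL))
```

Bob is the case that trips people up: an ACL entry exists for him, but the classification check still denies him, which is exactly why the two controls are layered rather than treated as alternatives.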

Integrity - Preventing Unauthorized Modification

Integrity means data is accurate and hasn't been tampered with. You can trust that what you see is what was intended.

Threats to Integrity:

  • Man-in-the-middle attacks
  • Malware modifying files
  • SQL injection altering data
  • Unauthorized changes by insiders
  • Bit rot and data corruption

Controls Protecting Integrity:

  • Hashing (SHA-256; MD5 is collision-broken and should not be relied on for integrity)
  • HMACs and digital signatures (a plain hash can be recomputed by whoever modified the file; a keyed or signed hash cannot)
  • Version control
  • Input validation
  • File integrity monitoring
  • Database constraints and validation
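Hashing and file integrity monitoring in practice, as an added example (not the page's own code): a SHA-256 baseline over a set of files, a check that reports each file as ok, modified or missing, and an HMAC over the whole baseline so that an attacker who rewrites both a file and its stored hash is still caught. The files, their contents and the key are constructed; in a real deployment the key and the signed baseline live on the monitoring server, not on the monitored host.

```python
"""File integrity monitoring: SHA-256 baseline, comparison, and a keyed (HMAC)
baseline so the baseline itself cannot be silently rewritten.

Constructed example: the files, contents and key below are made up."""
import hashlib
import hmac
import json
import os
import tempfile


def sha256_file(path: str) -> str:
    """Stream the file so large files never have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths):
    return {p: sha256_file(p) for p in paths}


def check_baseline(baseline):
    """Map each monitored path to 'ok', 'modified' or 'missing'."""
    report = {}
    for path, expected in baseline.items():
        if not os.path.exists(path):
            report[path] = "missing"
        elif hmac.compare_digest(sha256_file(path), expected):
            report[path] = "ok"
        else:
            report[path] = "modified"
    return report


def sign_baseline(baseline, key: bytes) -> str:
    """HMAC over the canonical JSON form of the baseline. Without the key an
    attacker with file-system access can rewrite hashes but not the tag."""
    canonical = json.dumps(baseline, sort_keys=True).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def verify_baseline(baseline, key: bytes, tag: str) -> bool:
    return hmac.compare_digest(sign_baseline(baseline, key), tag)


def demo():
    key = os.urandom(32)  # assumption: generated and held by the monitoring server
    with tempfile.TemporaryDirectory() as d:
        files = {"app.conf": b"debug=false\n",
                 "index.html": b"<html>hello</html>\n",
                 "sshd_config": b"PermitRootLogin no\n"}
        for name, content in files.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(content)
        paths = {n: os.path.join(d, n) for n in files}

        baseline = build_baseline(paths.values())
        tag = sign_baseline(baseline, key)

        # Simulated compromise: one file edited, one deleted.
        with open(paths["sshd_config"], "ab") as f:
            f.write(b"PermitRootLogin yes\n")
        os.remove(paths["index.html"])
        full = check_baseline(baseline)
        report = {n: full[p] for n, p in paths.items()}

        # The attacker also rewrites the stored hash for the edited file. A plain
        # hash comparison is now fooled; the keyed tag over the baseline is not.
        forged = dict(baseline)
        forged[paths["sshd_config"]] = sha256_file(paths["sshd_config"])
        plain_check_fooled = (check_baseline({paths["sshd_config"]: forged[paths["sshd_config"]]})
                              == {paths["sshd_config"]: "ok"})
        return {
            "report": report,
            "plain_check_fooled": plain_check_fooled,
            "forged_baseline_verifies": verify_baseline(forged, key, tag),
        }


if __name__ == "__main__":
    print(demo())
```

The second half of demo() is the point practitioners miss: hashing detects change only if the reference hashes are trustworthy, so the baseline needs its own integrity control (a key the attacker does not have, or a signature).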

Availability - Ensuring Authorized Access

Availability means systems and data are accessible when needed by authorized users.

Threats to Availability:

  • Denial of Service (DoS/DDoS) attacks
  • Ransomware (encrypts and blocks access)
  • Hardware failures
  • Natural disasters
  • Power outages
  • Network failures

Controls Protecting Availability:

  • Redundancy (RAID, clustering)
  • Backups and disaster recovery
  • Load balancing
  • Failover systems
  • UPS and generators
  • DDoS mitigation services
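Redundancy and failover as an added example (not from the original page): the availability arithmetic for components that must all be up (series) versus redundant replicas (parallel), and a health-checked round-robin load balancer that keeps serving while at least one backend is up and reports an outage only when none is. The backend names and failures are simulated.

```python
"""Redundancy and failover: availability arithmetic plus a health-checked
load balancer. Constructed example; backend names and failures are simulated."""
from math import prod


def availability_series(*a):
    """Components that must ALL be up (web -> app -> db): availability multiplies down."""
    return prod(a)


def availability_parallel(*a):
    """Redundant replicas where ANY one suffices: the service fails only if all fail."""
    return 1 - prod(1 - x for x in a)


class ServiceUnavailable(Exception):
    pass


class Backend:
    def __init__(self, name):
        self.name = name
        self.healthy = True

    def handle(self, request):
        if not self.healthy:
            raise ConnectionError(f"{self.name} is down")
        return f"{self.name} served {request}"


class LoadBalancer:
    """Round-robin over the backends that currently pass a health check."""

    def __init__(self, backends):
        self.backends = list(backends)
        self._next = 0

    def healthy_backends(self):
        return [b for b in self.backends if b.healthy]

    def route(self, request):
        pool = self.healthy_backends()
        if not pool:
            # No replica left: the availability failure the design exists to avoid.
            raise ServiceUnavailable("all backends failed health checks")
        backend = pool[self._next % len(pool)]
        self._next += 1
        return backend.handle(request)


def demo():
    a, b, c = Backend("web-1"), Backend("web-2"), Backend("web-3")
    lb = LoadBalancer([a, b, c])
    results = {}

    def run(phase, n):
        counts = {}
        for i in range(n):
            who = lb.route(f"req-{phase}-{i}").split()[0]
            counts[who] = counts.get(who, 0) + 1
        results[phase] = counts

    run("all_up", 6)
    b.healthy = False  # one replica fails; traffic shifts to the other two
    run("one_down", 4)
    a.healthy = c.healthy = False
    try:
        lb.route("req-final")
        results["all_down"] = "served"
    except ServiceUnavailable:
        results["all_down"] = "outage"
    return results


if __name__ == "__main__":
    print("two 99% replicas in parallel:", availability_parallel(0.99, 0.99))
    print("two 99% tiers in series:     ", availability_series(0.99, 0.99))
    print(demo())
```

Two 99% replicas in parallel give 99.99%, while two 99% tiers in series give 98.01%; redundancy raises availability only where the redundant units can actually take over, which is what the health check and re-routing provide.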

The CIA Balance

Scenario               | Primary Concern | Trade-off
Military intelligence  | Confidentiality | May sacrifice availability for secrecy
Financial transactions | Integrity       | Must ensure data isn't altered
E-commerce website     | Availability    | Downtime = lost revenue
Healthcare records     | All three       | Need confidentiality, accuracy, AND access

Extended Models: The CIA+ Concepts

Some frameworks extend CIA with additional principles:

  • Non-repudiation - Can't deny actions (covered separately)
  • Authentication - Verifying identity
  • Authorization - Verifying permissions

These support CIA but aren't part of the core triad.

How CompTIA Tests This

Example Analysis

Scenario: An attacker intercepts network traffic between a user and their bank, capturing login credentials and account information without modifying any data.

Analysis: This attack primarily violates Confidentiality because:

  • Information was disclosed to an unauthorized party
  • The attacker READ sensitive data
  • No data was changed (integrity intact)
  • The user could still access their account (availability intact)

If the attacker modified transaction amounts: That would ALSO violate Integrity.
If the attacker blocked access to banking: That would ALSO violate Availability.

Control that would help: Encryption (TLS/HTTPS) protects confidentiality by preventing eavesdropping. TLS does more than encrypt: the server is authenticated by its certificate, so an active attacker cannot impersonate the bank, and the record layer's integrity protection would also detect modified transaction amounts. The control is only as strong as its configuration, though: a client that skips certificate validation is still "encrypted", but to whoever sits in the middle.
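The TLS control above depends on the client actually verifying the server, as this added example shows (not code from the original page): Python's ssl module with the common "disable verification" shortcut beside the hardened default, and a small audit function that flags each weakness. The contexts are only built; no connection is opened.

```python
"""TLS client configuration: the 'disable verification' shortcut beside the
hardened default. Constructed example; builds contexts only, opens no connection."""
import ssl


def insecure_context() -> ssl.SSLContext:
    """The usual 'make the certificate error go away' code. Without verification
    an on-path attacker can present any certificate, terminate TLS and read the
    credentials; the link is still encrypted, just to the wrong party."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def secure_context() -> ssl.SSLContext:
    """create_default_context() loads the system CA store, requires a valid
    chain and checks the hostname; pinning the floor to TLS 1.2 rejects
    downgrade to legacy protocol versions."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_problems(ctx: ssl.SSLContext) -> list:
    """Audit a context the way a code reviewer would; an empty list is acceptable."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("server certificate not verified")
    if not ctx.check_hostname:
        problems.append("hostname not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("legacy TLS versions allowed")
    return problems


if __name__ == "__main__":
    print("insecure:", context_problems(insecure_context()))
    print("secure:  ", context_problems(secure_context()))
```

The audit function is the reusable part: grep a code base for `CERT_NONE` or `check_hostname = False` and you will usually find the interception scenario from the analysis above already enabled by the application's own code.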

Key Terms to Know

CIA triad, confidentiality, integrity, availability, information security, security principles, data protection, security fundamentals

Common Mistakes to Avoid

Confusing integrity with availability—integrity is about ACCURACY of data. Availability is about ACCESS to data. Ransomware violates availability (you can't access files) even though the files technically exist.
Thinking confidentiality only means encryption—access controls, authentication, physical security, and data handling procedures all protect confidentiality.
Forgetting that integrity includes detection—integrity controls don't just prevent modification; they also DETECT when modification occurs (file integrity monitoring, hashing).
Missing that one attack can violate multiple principles—ransomware violates availability (can't access) and potentially integrity (files modified). Man-in-the-middle can violate confidentiality AND integrity.

Exam Tips

For every scenario, ask: "What CIA principle is threatened?" This helps narrow down answers quickly.
Encryption primarily protects CONFIDENTIALITY. Hashing primarily protects INTEGRITY. Redundancy primarily protects AVAILABILITY.
DoS/DDoS attacks = Availability threat. Data breaches = Confidentiality threat. Data tampering = Integrity threat.
Healthcare questions often involve all three: patient privacy (C), accurate records (I), and access for care (A).
Remember: CIA applies to SYSTEMS as well as DATA. A server that is down is an availability failure even if no data was lost or changed.

Memory Trick

"CIA = Can I See? Can I Alter? Can I Access?"

  • Confidentiality = Can unauthorized people SEE it? (Reading)
  • Integrity = Can unauthorized people ALTER it? (Writing/Changing)
  • Availability = Can authorized people ACCESS it? (Using)

The Lock Analogy:

  • Confidentiality = Only you have the key
  • Integrity = The lock shows if someone tampered with it
  • Availability = The door opens when you need it to

Attack Categories:

  • Disclosure/Breach → Confidentiality
  • Modification/Tampering → Integrity
  • Destruction/Disruption → Availability

The Easy Memory Check:

  • C = Conceal (hide from unauthorized)
  • I = Intact (keep unchanged)
  • A = Accessible (available when needed)

Test Your Knowledge

Q1.A ransomware attack encrypts all files on a company's file server, making them inaccessible to employees. Which CIA principle is PRIMARILY violated?

Q2.An organization implements SHA-256 hashing for all files stored on their servers and regularly compares current hashes to baseline hashes. Which CIA principle does this PRIMARILY protect?

Q3.A healthcare organization must protect patient records so that: only authorized staff can view them, the records are accurate and unaltered, and doctors can access them during emergencies. Which statement is correct?
