Cybersecurity CIA triad

What is the CIA Triad?

A foundational cybersecurity model describing the three core goals: Confidentiality, Integrity, and Availability.

What does Confidentiality mean in networking?

Ensuring only authorized users can access information or systems.

What is the importance of confidentiality in networks?

Data is constantly transmitted and can be intercepted if not protected.

What are examples of data requiring confidentiality?

Passwords, personal information, grades, financial data, login tokens, employee/student records.

What is the most important confidentiality control?

Encryption.

What does encryption do?

Converts readable data into unreadable form.

Where is encryption used?

HTTPS, VPNs, WPA2/WPA3 Wi-Fi, SSH, encrypted backups.

What states does encryption protect data in?

Data in transit and data at rest.

How do passwords support confidentiality?

They prevent unauthorized logins.

What are examples of authentication?

Switch/router passwords, Wi-Fi passwords, MFA.

What are Access Control Lists (ACLs)?

Rules that control who can access a network or service.

Give an example of an ACL.

Only teachers' IP range can access the gradebook server.

What is network segmentation?

Splitting a network into parts to restrict access.

How do VLANs protect confidentiality?

They prevent unauthorized users from reaching sensitive network areas.

Give an example of VLAN usage.

Students on VLAN 10, teachers on VLAN 20.

What is port security?

Prevents unauthorized devices from connecting to switch ports.

What are common confidentiality attacks?

Packet sniffing, ARP spoofing, MITM, phishing, password attacks.

What is an example of a confidentiality failure?

Capturing unencrypted login credentials on open Wi-Fi.

How can Wi-Fi confidentiality failures be fixed?

WPA3 encryption and HTTPS.

What does Integrity mean?

Ensuring data is accurate, unchanged, and trustworthy.

What is the importance of integrity?

Altered data makes systems unreliable.

What are examples of integrity violations?

Changing grades, packet modification, routing table changes, fake ARP messages.

What are hashing and checksums used for?

Verifying data has not changed.

What are examples of integrity verification?

TCP checksums, SHA-256 hashes.

What are digital signatures used for?

Verifying authenticity of software or updates.

How do access controls protect integrity?

They prevent unauthorized changes.

What are integrity protection tools?

DAI, DHCP Snooping, secure routing, log monitoring.

What does DHCP Snooping prevent?

Rogue DHCP servers.

What does Dynamic ARP Inspection prevent?

ARP spoofing.

What are common integrity attacks?

MITM alteration, ARP poisoning, DNS spoofing, malware.

What is an example of an integrity failure?

Rogue DHCP server changing gateway information.

What control stops rogue DHCP?

DHCP Snooping.

What does Availability mean?

Ensuring systems and data are accessible when needed.

What is the importance of availability?

Secure data is useless if systems are down.

What is redundancy?

Using extra devices or links to prevent downtime.

What are examples of redundancy?

Backup switches, routers, links, RAID storage.

What are backups used for?

Restoring lost or damaged data.

What does a UPS do?

Keeps systems running during power outages.

What is DDoS protection?

Prevents traffic floods that overwhelm networks.

How does segmentation help availability?

Problems in one VLAN don't affect the entire network.

What is load balancing?

Distributing traffic across multiple servers.

What is automatic failover?

A backup system takes over if the primary fails.

What are common availability attacks?

DDoS, broadcast storms, STP loops, cable damage, power outages.

What is an example of an availability failure?

Broadcast storm taking down a network.

How can broadcast storms be fixed?

Storm control and proper STP configuration.

Intercepted unencrypted Wi-Fi traffic affects which CIA element?

Confidentiality.

Rogue DHCP server affects which CIA element?

Integrity.

Broadcast storm affects which CIA element?

Availability.

Which control protects confidentiality and integrity?

Encryption.

Which controls protect availability?

UPS, redundancy, STP, backups.

VLANs primarily support which CIA element?

Confidentiality (and partially availability).