CIA/AIC Triad

confidentiality

Info provided in a private manner

Integrity

Data can’t be changed without detection

Availability

All systems are up and running at all times

Encryption

Allows data to be accessible to authorized personnel while being denied to unauthorized personnel.

Encodes data so only users with the proper key can view/use the data.

Access controls

Selectively restrict users access to a resource

TFA

Two Factor Authentication - Additional info such as a key generated by software is needed in addition to a user name and password

Hashing

Used in integrity to match your hash with sender’s

Digital Signature

Encrypts hash using an asymmetric algorithm (public/private key). Confirms authenticity of data and identity of sender.

Certificates

Used to identify devices/users

Availability

Redundancy/fault tolerance - Ensures systems will be available even if hardware fails

Patching - Ensure system stability and close security holes