EC-Council

312-50V10 · Question #53

312-50V10 Question #53: Real Exam Question with Answer & Explanation

The correct answer is C: Confidentiality, Integrity, Availability. The CIA triad - Confidentiality, Integrity, and Availability - is the foundational framework that serves as the main theme underlying all IT security sub-policies.

Information Security and Ethical Hacking Fundamentals

Question

Security Policy is a definition of what it means to be secure for a system, organization or other entity. For Information Technologies, there are sub-policies like Computer Security Policy, Information Protection Policy, Information Security Policy, Network Security Policy, Physical Security Policy, Remote Access Policy, and User Account Policy. What is the main theme of the sub-policies for Information Technologies?

Options

  • A. Availability, Non-repudiation, Confidentiality
  • B. Authenticity, Integrity, Non-repudiation
  • C. Confidentiality, Integrity, Availability
  • D. Authenticity, Confidentiality, Integrity

Explanation

The CIA triad - Confidentiality, Integrity, and Availability - is the foundational framework that serves as the main theme underlying all IT security sub-policies.

Common mistakes.

  • A. Non-repudiation is a valid security concept but is not part of the CIA triad; replacing Integrity with Non-repudiation produces an incorrect combination that does not represent the standard IT security framework.
  • B. Authenticity and Non-repudiation are important but supplementary security properties, and this combination omits Availability, which is one of the three core pillars of the CIA triad.
  • D. Authenticity is not one of the three primary pillars of the CIA triad; Availability is the missing component needed to correctly complete the foundational framework.

Concept tested. CIA triad as foundation of IT security policy

Reference. https://www.nist.gov/publications/introduction-information-security

Topics

#CIA triad · #security policy · #confidentiality integrity availability
