CISSP-ISSEP · Question #158
Which of the following terms describes the measures that protect and support information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-rep
The correct answer is D. Information Assurance (IA). Information Assurance (IA) is the correct answer because IA is formally defined as measures that protect and defend information and information systems by ensuring the five properties listed: availability, integrity, authentication, confidentiality, and non-repudiation - this exa
Question
Which of the following terms describes the measures that protect and support information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?
Options
- AInformation Systems Security Engineering (ISSE)
- BInformation Protection Policy (IPP)
- CInformation systems security (InfoSec)
- DInformation Assurance (IA)
How the community answered
(21 responses)- A5% (1)
- B5% (1)
- D90% (19)
Explanation
Information Assurance (IA) is the correct answer because IA is formally defined as measures that protect and defend information and information systems by ensuring the five properties listed: availability, integrity, authentication, confidentiality, and non-repudiation - this exact five-pillar definition is the textbook definition of IA, particularly within DoD and NIST frameworks.
The distractors fail for specific reasons: ISSE (A) is an engineering process for building security into systems, not a definition of protective measures themselves. IPP (B) refers to organizational policy documents governing how information is handled, not the overarching security discipline. InfoSec (C) is the closest distractor - it broadly covers protecting information - but it typically focuses on the CIA triad (confidentiality, integrity, availability) and does not formally include authentication and non-repudiation in its definition the way IA does.
Memory tip: Remember the acronym AIAIC - Availability, Integrity, Authentication, confidentiality, non-repudiation - and pair it with IA. The two extra pillars beyond the CIA triad (authentication + non-repudiation) are what distinguish Information Assurance from generic InfoSec; if the question lists all five, the answer is always IA.
Topics
Community Discussion
No community discussion yet for this question.