nerdexam
(ISC)2

CISSP-ISSEP · Question #158

Which of the following terms describes the measures that protect and support information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-rep

The correct answer is D. Information Assurance (IA). Information Assurance (IA) is the correct answer because IA is formally defined as measures that protect and defend information and information systems by ensuring the five properties listed: availability, integrity, authentication, confidentiality, and non-repudiation - this exa

Governance and Training

Question

Which of the following terms describes the measures that protect and support information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?

Options

  • AInformation Systems Security Engineering (ISSE)
  • BInformation Protection Policy (IPP)
  • CInformation systems security (InfoSec)
  • DInformation Assurance (IA)

How the community answered

(21 responses)
  • A
    5% (1)
  • B
    5% (1)
  • D
    90% (19)

Explanation

Information Assurance (IA) is the correct answer because IA is formally defined as measures that protect and defend information and information systems by ensuring the five properties listed: availability, integrity, authentication, confidentiality, and non-repudiation - this exact five-pillar definition is the textbook definition of IA, particularly within DoD and NIST frameworks.

The distractors fail for specific reasons: ISSE (A) is an engineering process for building security into systems, not a definition of protective measures themselves. IPP (B) refers to organizational policy documents governing how information is handled, not the overarching security discipline. InfoSec (C) is the closest distractor - it broadly covers protecting information - but it typically focuses on the CIA triad (confidentiality, integrity, availability) and does not formally include authentication and non-repudiation in its definition the way IA does.

Memory tip: Remember the acronym AIAIC - Availability, Integrity, Authentication, confidentiality, non-repudiation - and pair it with IA. The two extra pillars beyond the CIA triad (authentication + non-repudiation) are what distinguish Information Assurance from generic InfoSec; if the question lists all five, the answer is always IA.

Topics

#Information Assurance#Security principles#Foundational concepts#AICANN

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSEP Practice