CISSP-ISSEP · Question #159
Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality,
The correct answer is B. Five Pillars model. Option B is correct because the Five Pillars of Information Assurance is a U.S. Department of Defense-rooted model that explicitly defines IA around exactly these five properties: Availability, Integrity, Authentication, Confidentiality, and Non-repudiation (AIAAN). Why the distr
Question
Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?
Options
- AParkerian Hexad
- BFive Pillars model
- CCapability Maturity Model (CMM)
- DClassic information security model
How the community answered
(37 responses)- A3% (1)
- B89% (33)
- C5% (2)
- D3% (1)
Explanation
Option B is correct because the Five Pillars of Information Assurance is a U.S. Department of Defense-rooted model that explicitly defines IA around exactly these five properties: Availability, Integrity, Authentication, Confidentiality, and Non-repudiation (AIAAN).
Why the distractors are wrong:
- A. Parkerian Hexad - A six-element model (not five) that adds Possession/Control and Utility to the CIA triad; it doesn't specifically list non-repudiation as a named pillar.
- C. Capability Maturity Model (CMM) - Unrelated to IA; it's a framework for measuring software process maturity across five levels (Initial → Optimizing), developed by Carnegie Mellon's SEI.
- D. Classic information security model - Refers to the CIA Triad (Confidentiality, Integrity, Availability) - only three elements, with no mention of authentication or non-repudiation.
Memory tip: Think "Five Pillars = CIA + AN" - take the classic CIA Triad and add Authentication and Non-repudiation. Five properties, five pillars, one IA model.
Topics
Community Discussion
No community discussion yet for this question.