nerdexam
(ISC)2

CISSP-ISSEP · Question #159

Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality,

The correct answer is B. Five Pillars model. Option B is correct because the Five Pillars of Information Assurance is a U.S. Department of Defense-rooted model that explicitly defines IA around exactly these five properties: Availability, Integrity, Authentication, Confidentiality, and Non-repudiation (AIAAN). Why the distr

Security Planning and Design

Question

Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?

Options

  • AParkerian Hexad
  • BFive Pillars model
  • CCapability Maturity Model (CMM)
  • DClassic information security model

How the community answered

(37 responses)
  • A
    3% (1)
  • B
    89% (33)
  • C
    5% (2)
  • D
    3% (1)

Explanation

Option B is correct because the Five Pillars of Information Assurance is a U.S. Department of Defense-rooted model that explicitly defines IA around exactly these five properties: Availability, Integrity, Authentication, Confidentiality, and Non-repudiation (AIAAN).

Why the distractors are wrong:

  • A. Parkerian Hexad - A six-element model (not five) that adds Possession/Control and Utility to the CIA triad; it doesn't specifically list non-repudiation as a named pillar.
  • C. Capability Maturity Model (CMM) - Unrelated to IA; it's a framework for measuring software process maturity across five levels (Initial → Optimizing), developed by Carnegie Mellon's SEI.
  • D. Classic information security model - Refers to the CIA Triad (Confidentiality, Integrity, Availability) - only three elements, with no mention of authentication or non-repudiation.

Memory tip: Think "Five Pillars = CIA + AN" - take the classic CIA Triad and add Authentication and Non-repudiation. Five properties, five pillars, one IA model.

Topics

#Information Assurance (IA)#Security models#Five Pillars of IA#Security principles

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSEP Practice