IT Examiner School eBook May 2025

Principles of Information Security

The CIA Triad

• Confidentiality. Only authorized entities, have access to the data. • Integrity. There are no unauthorized modifications of the data. • Availability. Authorized entities can access the data when and how they are permitted to do so.

Principles of Information Security

Security vs Performance

• Security. Security is a trade off in performance, useability, backward compatibility. • Balance. Companies must tradeoff and strike a balance between the amount of security, regulatory obligations and risk tolerance. • C-I-A must be considered when applying the appropriate amount of security into an environment.

Security

Performance