Understand and Apply Concepts of

               Confidentiality, Integrity, and Availability


               Security management concepts and principles are inherent elements
               in a security policy and solution deployment. They define the basic

               parameters needed for a secure environment. They also define the
               goals and objectives that both policy designers and system
               implementers must achieve to create a secure solution. It is important
               for real-world security professionals, as well as CISSP exam students,
               to understand these items thoroughly. This chapter includes a range of
               topics related to the governance of security for global enterprises as
               well as smaller businesses.


               Security must start somewhere. Often that somewhere is the list of
               most important security principles. In such a list, confidentiality,
               integrity, and availability (CIA) are usually present because these are
               typically viewed as the primary goals and objectives of a security
               infrastructure. They are so commonly seen as security essentials that
               they are referenced by the term CIA Triad (see Figure 1.1).