Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
1.4.1. The CIA Triad as a Decision Framework
Every security control addresses one or more of these three properties:
| Technology | C | I | A | Primary Purpose |
|---|---|---|---|---|
| Encryption | ✓ | Protect data from unauthorized reading | ||
| Hashing | ✓ | Detect unauthorized modification | ||
| Digital signatures | ✓ | ✓ | Verify sender and detect tampering | |
| Redundancy | ✓ | Maintain access despite failures | ||
| ACLs | ✓ | Control who can access what | ||
| Backups | ✓ | ✓ | Recover from corruption or loss | |
| UPS | ✓ | Maintain power during outages |
Exam Application: Security questions often present a scenario and ask which control best addresses it. Categorize the threat using CIA, then match to the appropriate control. Data stolen? Confidentiality → encryption. Data modified? Integrity → hashing. Service unavailable? Availability → redundancy.
Written byAlvin Varughese
Founder•15 professional certifications