
CIA Triad Explained: Confidentiality, Integrity, and Availability for Security+

How the CIA triad underpins every security control on the CompTIA Security+ SY0-701 exam, with examples of how each property maps to real attacks and defences.


Reviewed by Johnson Ajibi, MSc IT Security

12+ years in network and security engineering · Founder, JTNetSolutions Limited & Courseiva


The CIA triad—Confidentiality, Integrity, and Availability—is the foundational model for information security. Every control, policy, and technology on the CompTIA Security+ SY0-701 exam maps back to one or more of these three principles. Understanding how they interact and where they conflict is critical for both the exam and real-world security work.

Confidentiality

Confidentiality ensures that data is accessible only to authorized individuals. Violations occur through unauthorized access, interception, or disclosure.

Real technical examples:

  • Encryption at rest and in transit: AES-256 for stored data, TLS 1.3 for network traffic (port 443).
  • Access controls: Discretionary Access Control (DAC) via file permissions (e.g., chmod 600), Mandatory Access Control (MAC) with SELinux labels.
  • Steganography: Hiding data within image files (e.g., using steghide).
  • Common attacks: Eavesdropping (packet capture with Wireshark), man-in-the-middle (ARP spoofing), shoulder surfing, social engineering.

Exam tip: Confidentiality is often tested with encryption algorithms, access control models, and scenarios involving data leaks.

Integrity

Integrity guarantees that data has not been altered in an unauthorized manner. It includes both data integrity (content unchanged) and system integrity (system not compromised).

Real technical examples:

  • Hashing: SHA-256 or SHA-3 to verify file integrity. Use sha256sum to generate hashes.
  • Digital signatures: RSA or ECDSA signatures to verify authenticity and integrity of software updates.
  • Checksums: TCP uses checksums to detect transmission errors; md5sum for file verification.
  • Common attacks: Man-in-the-middle modification, SQL injection altering database records, ransomware encrypting files.

Exam tip: Integrity questions often involve hashing algorithms, digital signatures, and integrity monitoring (e.g., Tripwire, AIDE).
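An added example (not code from the original guide) of the hash verification this section describes: it checks a constructed file against a published SHA-256 digest, verifies a `sha256sum`-style output line, and shows why a bare hash is not enough when an attacker can also replace the digest, using a keyed HMAC as a stand-in for the digital signature the section mentions. The file contents, digest and key are constructed for the demo.

```python
import hashlib
import hmac

# Constructed sample "software update" and the digest a vendor would publish alongside it.
ORIGINAL = b"update-1.2.3: set max_connections=200\n"
TAMPERED = b"update-1.2.3: set max_connections=999\n"
PUBLISHED_SHA256 = hashlib.sha256(ORIGINAL).hexdigest()  # same value `sha256sum` prints

def verify_sha256(data: bytes, expected_hex: str) -> bool:
    """Recompute SHA-256 over the data and compare it with the published digest.
    compare_digest keeps the comparison constant-time."""
    return hmac.compare_digest(hashlib.sha256(data).hexdigest(), expected_hex)

def check_sha256sum_line(line: str, files: dict) -> bool:
    """Verify one line of `sha256sum` output ("<hex>  <name>") against an in-memory file table."""
    digest, name = line.rstrip("\n").split("  ", 1)
    return verify_sha256(files[name], digest)

# A bare hash only catches accidental or opportunistic change: an attacker who can
# rewrite the file can usually rewrite the published digest too. A keyed HMAC ties
# the digest to a secret, the same role a digital signature plays with a private key.
SHARED_KEY = b"constructed-demo-key-not-for-production"

def tag_hmac(data: bytes, key: bytes = SHARED_KEY) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_hmac(data: bytes, tag_hex: str, key: bytes = SHARED_KEY) -> bool:
    return hmac.compare_digest(tag_hmac(data, key), tag_hex)

if __name__ == "__main__":
    files = {"update.conf": ORIGINAL}
    print("sha256sum line ok:", check_sha256sum_line(f"{PUBLISHED_SHA256}  update.conf", files))
    print("tampered file matches digest:", verify_sha256(TAMPERED, PUBLISHED_SHA256))
    tag = tag_hmac(ORIGINAL)
    print("tampered file passes HMAC:", verify_hmac(TAMPERED, tag))
```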

Availability

Availability ensures that systems and data are accessible when needed. It is often the first priority in business continuity.

Real technical examples:

  • Redundancy: RAID 1 (mirroring), RAID 5 (striping with parity), load balancers distributing traffic.
  • Fault tolerance: Clustered servers, redundant power supplies, UPS.
  • Backups: Full, incremental, differential; stored offsite or in cloud (e.g., AWS S3 with versioning).
  • Common attacks: DDoS (SYN flood, UDP amplification), ransomware, physical destruction.

Exam tip: Availability is tested with uptime requirements, disaster recovery plans, and DDoS mitigation (e.g., rate limiting, anycast).

Balancing the Triad

In practice, the three principles often conflict. For example, strong encryption (confidentiality) can slow down access (availability). Strict integrity checks (e.g., frequent hashing) may impact performance. The Security+ exam expects you to recognize trade-offs and choose controls that balance all three.

Example scenario: A hospital's patient database must be confidential (HIPAA), but emergency access requires high availability. Solution: Role-based access with emergency break-glass accounts and audit logging.
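The break-glass design from the hospital scenario above, as an added example that is not part of the original guide: normal requests are decided by role, clinical roles can invoke emergency access only with a stated reason, and every decision lands in an audit log that reviewers can filter for emergency grants. The role table, role names and audit-record fields are constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed role table for the hospital scenario: permissions each role holds normally.
ROLE_PERMISSIONS = {
    "attending_physician": {"read_patient_record", "update_patient_record"},
    "nurse": {"read_patient_record"},
    "billing_clerk": {"read_billing"},
}
# Only clinical roles may invoke break-glass; back-office roles never can.
BREAK_GLASS_ROLES = {"attending_physician", "nurse"}

@dataclass
class AccessDecision:
    granted: bool
    via: str  # "role", "break_glass" or "denied"

@dataclass
class BreakGlassService:
    audit_log: list = field(default_factory=list)

    def _audit(self, user, role, action, outcome, reason=""):
        self.audit_log.append({
            "ts": datetime.now(timezone.utc).isoformat(), "user": user, "role": role,
            "action": action, "outcome": outcome, "reason": reason,
        })

    def request(self, user, role, action, break_glass=False, reason=""):
        """Normal path: the role must hold the permission (confidentiality).
        Emergency path: a clinical role may break glass and is granted the action at
        once (availability), but only with a stated reason, and the audit entry is
        what compliance staff review afterwards (accountability)."""
        if action in ROLE_PERMISSIONS.get(role, set()):
            self._audit(user, role, action, "granted")
            return AccessDecision(True, "role")
        if break_glass and role in BREAK_GLASS_ROLES:
            if not reason.strip():
                self._audit(user, role, action, "denied", "break-glass without reason")
                return AccessDecision(False, "denied")
            self._audit(user, role, action, "granted", reason)  # flagged for review
            return AccessDecision(True, "break_glass")
        self._audit(user, role, action, "denied")
        return AccessDecision(False, "denied")

    def break_glass_events(self):
        """Entries reviewers must examine: emergency grants outside the normal role."""
        return [e for e in self.audit_log if e["outcome"] == "granted" and e["reason"]]
```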

What to Watch for on the Exam

  • Identify which principle is violated: Read the scenario carefully—data stolen = confidentiality; data altered = integrity; system down = availability.
  • Know the countermeasures: Encryption, access control, hashing, backup, redundancy.
  • Understand where they overlap: Multi-factor authentication supports both confidentiality (prevents unauthorized access) and integrity (ensures only legitimate users modify data).
  • Watch for trick questions: A DDoS attack primarily affects availability, but if it also corrupts data during recovery, integrity is impacted too.
  • Memorize key acronyms and ports: TLS (443), IPSec (UDP 500/4500), SFTP (22), HTTPS (443), DNSSEC (port 53).

Conclusion

The CIA triad is the lens through which every security control is evaluated. Master it, and you'll understand the "why" behind firewalls, encryption, backups, and policies. For the Security+ exam, practice mapping attack scenarios to the violated principle and the appropriate defense.
