Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Transcription

00:00
welcome back to CyberRays. It's of course I'm your instructor. Brad. Roads were going to jump into system security principles, and I bet you can guess what they are.
00:09
So, in this lesson, we're gonna talk about confidentiality, integrity and availability,
00:15
Confidentiality? The first leg of the CIA. Try it. And this is pretty straightforward. This is how we ensure that Onley folks that need access to assets. And I'm gonna use that term generally. And assets could be systems, software, hardware, data, yada, yada, all that kind of stuff right there.
00:33
They only we wanna make sure that folks that are authorized have the access to me.
00:36
Pretty straightforward, right? And the second side of that is to make sure that those air not who are not authorized, don't get access. Pretty straightforward. Really? Remember this confidentiality is about authorization.
00:52
All right. Next one, integrity in the CIA trying right this is is really to ensure that our data isn't being messed with right and that we can trust it, right? We make sure that it's correct and ultimately reliable
01:07
in integrity. We're looking at protecting data at rest and data in transit. Very important here. And also the other piece of integrity is that non repudiation thing, right? We want to be able to show the A logs or some other means that if someone has accessed the data, who it was and be able to attribute that to them so that they can't say they didn't access it
01:30
and finally, availability this one's pretty straightforward availability means that I could get access to my assets, that data systems, etcetera, that I need to whenever and wherever I need to. Um, when you think about the commercial space right there, most concerned about availability. If you're an e commerce provider
01:48
and you don't have reliable access to your e commerce site, guess what?
01:52
You're not making money, and therefore you're probably going to go out of business. Whereas when we think about the government, they're very much concerned about confidentiality and integrity. So it's a balance. And when you think of the CIA, try a don't think of it is just one thing or the other. It's actually a balance, and it also varies depending on the organization that you work for or support.
02:13
So in this lesson, we reviewed the CIA. Try it the confidentiality, integrity and availability that we see across many fields and information and cyber security.
02:23
We'll see you next time

Up Next

Information Systems Security Engineering Professional (ISSEP)

This ISSEP course provides students with the foundational knowledge of the concentration area of the CISSP certification that includes a focus on the processes used to develop secure systems. Students will learn key concepts and skills of the five ISSEP domains.

Instructed By

Instructor Profile Image
Brad Rhodes
Head of Cybersecurity, zvelo & Lieutenant Colonel, Cyber Warfare
Instructor