Academy Login

Weekly CISSP Practice

Exam Questions

Week 31 - Question 2

Which of the following does NOT fall under the CIA Triad in information security?

A. Confidentiality
B. Integrity
C. Accessibility
D. Availability

Answer: C

Explanation:

A. Confidentiality

Confidentiality ensures that sensitive information is only disclosed to authorized individuals, entities, or processes.

  • The Goal: To prevent unauthorized "reading" of data.

  • Common Controls: Encryption (AES, TLS), Access Control Lists (ACLs), and physical locks.

  • Threats: Shoulder surfing, social engineering, and man-in-the-middle interception.

B. Integrity

Integrity ensures that information and systems are accurate, complete, and protected from unauthorized modification.  

  • The Goal: To prevent unauthorized "writing" or altering of data.

  • Common Controls: Hashing (SHA-256), Digital Signatures, and Message Authentication Codes (MACs).

  • Threats: Data tampering, unauthorized file changes, and system crashes that corrupt data.

C. Accessibility

While "Accessibility" is a noble goal (ensuring that people with disabilities can use a system), it is not one of the three core pillars of the CIA Triad.

  • Why it's the Answer: Accessibility is an administrative or usability requirement. In the CISSP mindset, "Availability" covers the technical requirement that data is reachable, whereas "Accessibility" is a specific subset of user experience that does not define security posture.

D. Availability

Availability ensures that systems, networks, and applications are up and running when authorized users need them.  

  • The Goal: To prevent the unauthorized "denial" of service or data.

  • Common Controls: RAID, Clustering, Load Balancing, Off-site backups, and DDoS mitigation.

  • Threats: Hardware failure, power outages, and Denial of Service (DoS) attacks.

Podcasts

Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.

Listen Podcasts

CISSP Cyber Training Academy

Tired of not knowing how to study for the CISSP Exam? 

Check out the CISSP Cyber Training Academy to help you on your journey!

Learn about the Academy!

CISSP Cyber Training - YouTube

Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.   

Check out channel