CISSP For Dummies, 4th Edition by Peter Gregory, Lawrence Miller

Information Security Governance Concepts and Principles

As a CISSP candidate, you must fully understand the three fundamental information security concepts that comprise the C-I-A triad and form the basis of information security (see Figure 6-1):

- Confidentiality
- Integrity
- Availability

As with any triangular shape, all three sides depend on each other (think of a three-sided pyramid or a three-legged stool) to form a stable structure. If one piece falls apart, the whole thing falls apart. All other domains within the CISSP Common Body of Knowledge (CBK) are based on these three important concepts.

Where security is concerned, you also need to understand the defense-in-depth concept, how to avoid single points of failure, and how to incorporate these concepts into security planning.

Figure 6-1: The C-I-A triad.

Confidentiality

Confidentiality prevents the unauthorized use or disclosure of information, ensuring that only those who are authorized to access information can do so. Privacy is a closely related concept that’s most often associated with personal data. Various U.S. and ...
