CISSP TERMS AND DEFINITIONS
Domain 1: Security & Risk Management

CIA Triad

Confidentiality: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Note: Encryption (in transit: TLS; at rest: AES-256).

Integrity: Guarding against improper information modification or destruction and includes ensuring information non-repudiation and authenticity.

Availability: Ensuring timely and reliable access to and use of information by authorized users.

D.A.D: Disclosure, Alteration and Destruction

Disclosure: Opposite of Confidentiality
Alteration: Opposite of Integrity
Destruction: Opposite of Availability

Achieving CIA: Best Practices

Separation of Duties
Mandatory Vacations
Job Rotation
Least Privilege
Need to know
Dual Control

What is IAAAA?

Identification: Unique user identification
Authentication: Validati