34 Copyright Goodheart-Willcox Co., Inc. Section CIA Triad A fundamental guiding principal among cybersecurity professionals is the CIA triad, as shown in Figure 2-1. In this case, CIA does not stand for the clan- destine governmental spy agency. Rather, the CIA triad is the three underlying principles of data protection: confi dentiality, integrity, and availability. MTA Security Fundamentals 1.1 Security Principles As it is with most projects, planning for cybersecurity incidents and protection is a critical component of a solid security plan. As a security professional, you are responsible for protecting data against a wide range of threats. In the process, you must make sure data remain confi dential, the integrity of the data is maintained, and the data are available when needed. There are key security principles that guide security professionals in their choices and decisions. Attacks can occur from many sources, so it is important to design layered solutions that assist with prevention and protection. Additionally, it is important to analyze all areas that are impacted by technology and cyberattacks. Security domains help to manage the task of protecting data by dividing an organization’s operations into separate areas. There are many domains that can be used. Frameworks act as lists or guides to identify and manage the tasks needed to secure each domain. Key Terms attack surface CIA triad confi dentiality defense in depth frameworks integrity Internet of Things (IoT) nonrepudiation process 2.1 What is the best balance between protecting data and allowing access? at i e t between protecti Learning Goals • Explain each of the three main security principles. • Identify business security domains.