Understanding CIA and IAAA Principles

The 'C' in the CIA Triad stands for Confidentiality, which refers to protecting information from unauthorized access and ensuring that sensitive data is only accessible to those who are authorized.

Authentication is crucial for ensuring that only authorized users can access Chloe's online store. It verifies user identities, making it the key component of the IAAA model for her security needs.

Encryption is the primary technique used to protect sensitive data during transmission over the internet, ensuring that only authorized parties can access the information.

Digital signatures are cryptographic tools that ensure data integrity and authenticity by allowing the recipient to verify that the message has not been altered and is from a legitimate sender.

Role-Based Access Control (RBAC) is an effective access control mechanism that assigns permissions based on user roles, ensuring secure and efficient management of access to the software system.

Kerberos is a secure authentication protocol designed for network communications, making it the best choice for Leo's internal network. HTTP and FTP are not primarily for authentication, while IP is a network layer protocol.

The 'I' in the CIA Triad stands for Integrity, which refers to the accuracy and trustworthiness of data. It ensures that information is not altered or tampered with, making it a crucial aspect of information security.

Authorisation determines what actions a user can perform within a system. In this case, it defines what Rosie can access in the school's online library system.

Data Masking is the correct choice as it protects sensitive customer data by obfuscating it, ensuring confidentiality while allowing data to be used for testing or analysis without exposing real information.

Checksums are a common method for verifying data integrity. They generate a unique value based on the data, allowing Neha to check if the data has been altered. Other options like firewalls and VPNs focus on security, not integrity.