
The CIA triad is an information security model that is used throughout the creation of a security policy. The model has a long history and was already in use in 1998.
This history reflects the fact that information security neither starts nor ends with cybersecurity; it applies equally to paper filing, record storage and similar processes.
Consisting of three elements, Confidentiality, Integrity and Availability (CIA), the model has become an industry standard. It should help determine the value of the data it applies to and, in turn, the attention that data needs from the business.

Unlike a traditional model made up of independent sections, the CIA triad is a continuous cycle. Whilst the three elements arguably overlap, if even one element is not met, the other two are rendered useless (similar to the fire triangle). If a security policy does not address all three, it is seldom an effective security policy.
Whilst the three elements are arguably self-explanatory, let's explore them and contextualise them in cybersecurity.
Confidentiality
This element is the protection of data from unauthorised access and misuse. Organisations will always have some form of sensitive data stored on their systems. To provide confidentiality is to protect this data from the parties it is not intended for.
There are many real-world examples. Employee records and accounting documents are considered sensitive. Confidentiality for employee records is provided by allowing only HR administrators to access them, with vetting and tight access controls in place. In this example, accounting records are treated as less valuable (and therefore less sensitive), so the access controls on those documents would be less stringent. Another example is governments using a sensitivity classification system (top secret, classified, unclassified).
Integrity
Integrity is the condition where information is kept accurate and consistent unless authorised changes are made. Information can change through careless access and use, errors in the information system, or unauthorised access and use. Integrity is maintained when information remains unchanged during storage, transmission and any use that does not involve modifying it. Steps must be taken to ensure data cannot be altered by unauthorised people (for example, following a breach of confidentiality).
Many defences can be put in place to ensure integrity. Access control and rigorous authentication help prevent authorised users from making unauthorised changes. Hash verification and digital signatures help ensure that transactions are authentic and that files have not been modified or corrupted. Note that a plain hash stored next to the data only detects accidental corruption or tampering by someone who cannot also rewrite the stored hash; detecting a deliberate attacker requires a keyed check (an HMAC) or a digital signature, where the verifying key is not available to the attacker.
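The following is an added example, not code from the original page, showing hash verification in practice and why a bare hash is not enough against a deliberate attacker: an attacker who can rewrite the record can recompute the hash, whereas an HMAC keyed with a secret the attacker does not hold cannot be forged. The "record" contents, the key and all function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample record and a tampered copy of it (illustration only).
ORIGINAL = b"amount=100.00;payee=ACME Ltd;account=12345678\n"
TAMPERED = b"amount=100000.00;payee=ACME Ltd;account=87654321\n"


def sha256_hex(data: bytes) -> str:
    """Unkeyed hash: anyone, including an attacker, can compute this."""
    return hashlib.sha256(data).hexdigest()


def verify_hash(data: bytes, expected_hex: str) -> bool:
    # compare_digest avoids leaking where the comparison diverged via timing.
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed hash (HMAC-SHA256): only holders of `key` can produce a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_hmac(key: bytes, data: bytes, tag: str) -> bool:
    return hmac.compare_digest(hmac_tag(key, data), tag)


def plain_hash_scenario() -> dict:
    """A bare hash detects changes to the data, but not an attacker who rewrites both."""
    stored_hash = sha256_hex(ORIGINAL)
    # Data changed, stored hash untouched: the mismatch is caught.
    detected = not verify_hash(TAMPERED, stored_hash)
    # Attacker with write access to the hash simply recomputes it for the new data.
    attacker_hash = sha256_hex(TAMPERED)
    undetected = verify_hash(TAMPERED, attacker_hash)
    return {
        "detected_when_only_data_changed": detected,
        "undetected_when_hash_rewritten": undetected,
    }


def keyed_scenario() -> dict:
    """An HMAC under a verifier-only key cannot be recomputed by the attacker."""
    key = os.urandom(32)  # secret held by the verifier, never by the attacker
    tag = hmac_tag(key, ORIGINAL)
    original_ok = verify_hmac(key, ORIGINAL, tag)
    tamper_detected = not verify_hmac(key, TAMPERED, tag)
    # Attacker must guess a key; a tag under the wrong key is rejected.
    attacker_tag = hmac_tag(b"attacker-does-not-know-the-key", TAMPERED)
    forgery_accepted = verify_hmac(key, TAMPERED, attacker_tag)
    return {
        "original_verifies": original_ok,
        "tamper_detected": tamper_detected,
        "forgery_accepted": forgery_accepted,
    }


if __name__ == "__main__":
    print("plain hash:", plain_hash_scenario())
    print("HMAC:      ", keyed_scenario())
```

The same reasoning applies to digital signatures: the signer's private key plays the role of the HMAC key, with the added benefit that verifiers only need the public key and so cannot forge signatures themselves.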
Availability
In order for data to be useful, it must be available and accessible to the user.
The concern of this element is that information should be available when authorised users need to access it.
Availability is very often a key benchmark for an organisation, for example 99.99% uptime on its websites or systems, as laid out in Service Level Agreements (SLAs). When a system is unavailable, it often results in damage to the organisation's reputation and financial loss. Availability is achieved through a combination of many elements, including:
Having reliable and well-tested hardware for information technology servers (i.e. reputable server vendors)
Having redundant technology and services to take over in the case of failure of the primary
Implementing well-established security controls to protect technology and services from attack
Question 1. Which principle focuses on keeping data secret?
Question 2. Which principle ensures systems are accessible when needed?
Question 3. DDoS attacks mainly target:
Question 4. Changing logs without permission affects which principle?
Question 5. A database is encrypted and cannot be accessed by users. Which principle failed?
Question 6. An attacker reads sensitive customer records but does not modify them. Which principle is broken?
In cybersecurity, attacks follow a clear chain:
Vulnerability → a weakness in a system
(e.g., weak passwords, outdated software, misconfigurations)
Exploit → a technique or method used to abuse a vulnerability
(e.g., brute force, SQL injection, phishing)
Attack → the actual execution of the exploit against the system
(e.g., account takeover, data breach, service outage)
Example Chain:
Weak password → Vulnerability
Brute force login → Exploit
Account takeover → Attack
Not every vulnerability is exploited, but every successful attack starts with a vulnerability.
In CTFs, systems are intentionally made vulnerable so you can safely learn how exploits and attacks work—without harming real systems.
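The example chain above (weak password, brute-force login, account takeover), as an added example that is not part of the original page: a toy login service holding an intentionally weak password (the vulnerability), a dictionary attack against it (the exploit) that succeeds in taking over the account (the attack), and the same service with an account lockout added, which stops the exploit even though the weak password is still there. The user name, wordlist, lockout threshold and plaintext password comparison are all constructed for illustration; a real system would store salted password hashes and a strong password would remove the vulnerability itself.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed candidate list for the dictionary attack (illustration only).
WORDLIST = ["123456", "password", "letmein", "qwerty", "Summer2024!"]


@dataclass
class Account:
    username: str
    password: str  # plaintext here only to keep the toy short; never do this for real
    failed_attempts: int = 0
    locked: bool = False


class LoginService:
    """Toy authentication service. lockout_threshold=None means no lockout."""

    def __init__(self, accounts, lockout_threshold: Optional[int] = None):
        self.accounts = {a.username: a for a in accounts}
        self.lockout_threshold = lockout_threshold

    def login(self, username: str, password: str) -> bool:
        acct = self.accounts.get(username)
        if acct is None or acct.locked:
            return False
        if acct.password == password:
            acct.failed_attempts = 0
            return True
        acct.failed_attempts += 1
        if self.lockout_threshold is not None and acct.failed_attempts >= self.lockout_threshold:
            acct.locked = True  # mitigation: stop further guesses at this account
        return False


def brute_force(service: LoginService, username: str, wordlist) -> Tuple[Optional[str], int]:
    """The exploit: try each candidate password in turn.

    Returns (password_found_or_None, number_of_login_attempts_made)."""
    for attempts, candidate in enumerate(wordlist, start=1):
        if service.login(username, candidate):
            return candidate, attempts
    return None, len(wordlist)


def vulnerable_chain() -> Tuple[Optional[str], int]:
    """Vulnerability (weak password) -> exploit (brute force) -> attack (takeover)."""
    svc = LoginService([Account("alice", "letmein")])
    return brute_force(svc, "alice", WORDLIST)


def hardened_chain() -> Tuple[Optional[str], int, bool]:
    """Same weak password, but the account locks after two failures."""
    svc = LoginService([Account("alice", "letmein")], lockout_threshold=2)
    found, attempts = brute_force(svc, "alice", WORDLIST)
    return found, attempts, svc.accounts["alice"].locked


if __name__ == "__main__":
    pw, n = vulnerable_chain()
    print(f"vulnerable: account taken over with '{pw}' after {n} attempts")
    pw, n, locked = hardened_chain()
    print(f"hardened:   found={pw}, attempts={n}, locked={locked}")
```

The lockout breaks the chain at the exploit step: the vulnerability (a guessable password) still exists, but the technique used to abuse it no longer works, so the attack outcome never happens. Removing the vulnerability itself (a strong, unique password, or a second factor) is the stronger fix, since a lockout can also be turned against the service as a denial-of-service on legitimate users.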
Question 1. What comes first: exploit or vulnerability?
a) Vulnerability
b) Exploit
Question 2. What do we call the method used to abuse a weakness?
Question 3. Is an unpatched system a vulnerability or an attack?
a) Vulnerability
b) Attack
Question 4. What is the final step where damage actually happens?
Question 5. Which of the following is an exploit?
a) Outdated software
b) SQL injection
c) Data breach
d) Weak password
Question 6. Which of the following is an attack outcome?
a) Open port
b) Misconfiguration
c) XSS payload
d) Account takeover