What are the three broad requirements specified by the CIA security triad?

What are the three broad requirements specified by the CIA security triad?

• Data must be protected from unauthorized access.
• Data must be protected from theft and unuthorized alteration or destruction.
• Data must always be acessible by the people who need to use it when they need to use it.
• Data must be protected from firmware alteration.
• Data should never leave the location from which it was gathered.
• Data must be retained for an appropriate amount of time before it can be deleted.

Explanation: The requirements of the CIA triad are:

• Confidentiality - This requirement maintains control on information access and disclosure. Transmitted and stored data is encrypted for privacy.
• Integrity - This requirement prevents improper addition, modification, or destruction of data and information. A hash of the data should be created prior to transmission and the hash should be tamper-proof. Access controls should also be in place to protect stored data.
• Availability - This requirement ensures information can be accessed when it is required. This means that the IoT devices can communicate on the network so that they can submit data to and can be controlled by IoT applications. This also means that devices can not be damaged or tampered with.

Exam with this question: IoT Security 1.1 Chapter 2 Quiz Answers