Which of the following is used in the practice of Information Assurance (IA) to define assurance requirements?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
In the practice of Information Assurance (IA), assurance requirements are defined to ensure that information is protected and secure. One commonly used framework to define assurance requirements is the Five Pillars model.
The Five Pillars model is a framework that defines five key areas that must be addressed to achieve information assurance. These five pillars are confidentiality, integrity, availability, accountability, and non-repudiation.
Confidentiality refers to ensuring that information is only accessible to those authorized to access it. Integrity refers to ensuring that information is not tampered with or altered in any unauthorized way. Availability refers to ensuring that information is always accessible when needed. Accountability refers to ensuring that actions taken with regard to information are traceable and auditable. Non-repudiation refers to ensuring that actions taken with regard to information cannot be denied by the party that took them.
The classic information security model, on the other hand, is a general framework for implementing security measures that includes identifying assets, assessing risk, and implementing controls. It does not specifically address assurance requirements.
The Communications Management Plan is a plan that defines how communications will be managed in a project, but it does not address assurance requirements.
The Parkerian Hexad is a framework that defines six key areas that must be addressed to achieve information security. These six areas are confidentiality, possession, integrity, authenticity, availability, and utility. While there is some overlap between the Parkerian Hexad and the Five Pillars model, the Parkerian Hexad does not specifically address assurance requirements.
Therefore, the correct answer to the question is C. Five Pillars model.