Information Security

Objective: Demonstrate your understanding of Core Principle 2 for Information Security
through effective writing about the three security goals of Confidentiality, Integrity, and
Pages 20-22 in Reading 1.1
In this essay you will demonstrate your knowledge of a core principle of information
security. Principle 2: The Three Security Goals Are Confidentiality, Integrity, and
Availability. This principle, also known as the CIA Triad, is a cornerstone of information
security practices.
In your paper you will define and discuss specifics of how these three goals are applied to
business situations.
The essay is required to be a minimum of 750 words that clearly demonstrate your
understanding of the activity. Essay should have a clear introduction, thesis statement and
conclusion, written in APA 7 format. A minimum of four sources, at least two from the
provided below, must be cited in-text and in the Reference list.
Step 1: Reread Reading 1.1, Chapter 2, pp. 20-22, Principle 2, in Merkow, B.
(2014). Information Security Principles and Practices, (2nd ed). Upper Saddle River, NJ:
Pearson Education.
Step 2: Read the following prompts, and use what you have learned through provided
sources to summarize your responses.
Describe fully and provide specific examples of how a business can apply Principle 2 in
order to achieve the goals below. Outline the risks of failure to achieve each of these
• Protect the confidentiality of data
• Preserve the integrity of data
• Promote the availability of data for authorized use
Step 3: Write a paper.
• Address the questions/prompts in Step 1.
• Write a 750-word paper.
• Include a clear introduction, discussion and conclusion.
Step 4: Review the writing guidelines:
• Include a cover page and references in addition to your required page count.
• Use correct APA 7th Edition format.
• Double-space text.
• Use section headings to organize.
• Indent paragraphs.
• Include in-text citations as appropriate.
• Use correct spelling, grammar, sentence structure and verb tense.
Sources and readings:
Reading 1.1: Basic Principles of Information Security
Complete this reading for an introduction to the 12 generally accepted basic principles of
Information Security Principles of Success from Merkow, M.S. and Breithaupt, J.
(2014). Information security: Principles and practices (2nd ed., pp. 18-31). Indianapolis, IN:
Pearson Education.
• Read Chapter 2, pp. 18-31, for an overview of the 12 generally accepted basic
principles of information security and how they are applied in business situations.
Reading 1.2: Principles of Network, Internet and Telecommunications Security
In these readings, you will discover some of the protocols used in Telecommunications,
Network and Internet Security. These protocols include Transmission Control Protocol/
Internet Protocol (TCP/IP), packet-filtering routers, firewalls and intrusion detection/
prevention technology in network perimeter security and the elements of IP security such
as virtual private networks.
Networking and Communication by Bourgeois, D. (2019, August 1). Information Systems
for Business and Beyond. OER Commons.
Information Systems Security by Bourgeois, D. (2019, August 1). Information Systems for
Business and Beyond. OER Commons.
Reading 1.3: Best Practices in Data Security
In this reading, you will discover some of the best practices in network security aimed to
prevent data loss and protect organizational data. You will also learn about data leakage,
destruction and disposal, as well as data management and how it can prevent data loss.
Technological and Information Governance Approaches to Data Loss and Leakage