Information Technology Specialist (ITS) Cybersecurity Practice Exam

In a phishing attack, which part of the CIA Triad was compromised when credentials were stolen?

• A. Integrity
• B. Availability
• C. Confidentiality
• D. Authentication

The correct answer is: Confidentiality

In the context of a phishing attack, confidentiality is the aspect of the CIA Triad that becomes compromised when credentials are stolen. Confidentiality refers to the protection of sensitive information from unauthorized access. When an attacker successfully executes a phishing attack, they trick a victim into revealing their credentials, such as usernames and passwords, which are meant to be kept secure. Once these credentials are obtained, the attacker gains unauthorized access to the victim's accounts or sensitive data, violating the confidentiality principle. Integrity refers to the accuracy and reliability of data, which is not directly affected by the theft of credentials in a phishing scenario unless those credentials are then used to manipulate or alter data. Availability relates to ensuring that information and resources are accessible to authorized users when needed. While phishing can lead to service disruptions if accounts are disabled or compromised, the primary issue when credentials are stolen is an unauthorized access that undermines the confidentiality of the information. Authentication is a process rather than a principle of the CIA Triad, and while it is indirectly related to the incident, it does not fit specifically within the framework of the triad concerning the compromise of stolen credentials. The stealing of credentials primarily raises concerns about the unauthorized access to confidential information, making confidentiality the correct answer in this scenario.