The fundamental objectives of information security are to ensure the confidentiality , integrity , and availability of information, commonly known as the CIA triad. Many modern references also add objectives like authenticity and non‑repudiation, but CIA remains the core set used in exams and standards.

Core CIA objectives

  • Confidentiality : Protecting information from unauthorized access or disclosure so that only authorized people, processes, or systems can view it. Typical controls include encryption, access control, and classification of data.
  • Integrity : Ensuring information is accurate, complete, and not modified in an unauthorized or undetected way. Techniques like checksums, hash functions, digital signatures, and version control help maintain integrity.
  • Availability : Making sure information and systems are accessible to authorized users when needed, without undue delay. This is supported by redundancy, backups, disaster recovery, and protections against denial‑of‑service attacks.

Common “extra” objectives

  • Authenticity : Verifying the identity of users and the origin of data so that communications and transactions are genuine.
  • Non‑repudiation : Preventing parties from denying that they performed an action, such as sending a message or authorizing a transaction, often via logs and digital signatures.

How to answer “which of the following…?”

If you see a multiple‑choice question like “Which of the following are fundamental objectives of information security?”:

  • Choose confidentiality, integrity, and availability if they appear; that is the standard correct set.
  • If the question allows more than three and mentions authenticity or non‑repudiation as additional security services, they may be correct extras, but CIA are the fundamental objectives.

Information gathered from public forums or data available on the internet and portrayed here.