CISSP Practice Exam 2025 – Complete Prep Guide

The acronym DAD in information security stands for Disclosure, Alteration, and Destruction. This framework represents the primary threats that can affect data security.

Disclosure pertains to unauthorized access to information, which can result in sensitive data being exposed. This aspect underscores the importance of confidentiality within security protocols, ensuring that only authorized individuals have access to specific data.

Alteration refers to unauthorized changes to data. This highlights the risks related to data integrity, where an attacker might manipulate or modify information to mislead users or systems. Safeguarding data against alteration is critical in maintaining trust in systems and the accuracy of information.

Destruction involves the intentional or unintentional loss or destruction of data. This signifies the importance of data availability and the need for effective backup and recovery strategies to restore any lost data due to an incident.

This understanding of the DAD framework aids in developing comprehensive security policies that address these three critical areas, ensuring robust protection for information assets.