Foundations of IA: Week 1

Week 1: What Is Information Assurance?

Welcome to Foundations of Information Assurance! This week, we’ll explore the essentials of information assurance, understand how it differs from information security and cybersecurity, and learn two key frameworks: the CIA triad and the Parkerian Hexad. Through engaging lectures, discussions, and a hands-on lab, you’ll begin your journey into protecting digital information.

Learning Objectives

  • Define information assurance, information security, and cybersecurity, and explain their distinctions.
  • Describe the CIA triad and Parkerian Hexad and their roles in protecting information.
  • Apply these frameworks to real-world cybersecurity challenges.
  • Engage in activities to build foundational awareness.

Weekly Schedule

Lecture 1 (1.5 hours): Defining IA, InfoSec, Cybersecurity, CIA Triad & Parkerian Hexad
Lecture 2 (1.5 hours): Real-World Examples & Group Discussion
Lab (1–2 hours): Exploring Password Strength
Assignments: Case Study Analysis & Discussion Post

Lecture 1: Defining IA, InfoSec, Cybersecurity, CIA Triad & Parkerian Hexad

Duration: 1.5 hours
Format: In-person or online (synchronous)

Agenda

  1. Welcome & Course Overview (10 minutes)
    • Introduce the course, syllabus, and expectations.
    • Highlight relevance for students (e.g., protecting social media accounts).
  2. Defining Key Concepts (30 minutes)
    • Information Assurance (IA):
      • Definition: The practice of managing risks to ensure information and systems are trustworthy, focusing on confidentiality, integrity, availability, and more, across digital and physical domains.
      • Scope: Holistic, including policies, processes, and trust (e.g., ensuring reliable backups for student records).
    • Information Security (InfoSec):
      • Definition: Protecting information and systems from unauthorized access, use, or destruction through technical and procedural controls.
      • Scope: Focuses on data and system security (e.g., encrypting university databases).
    • Cybersecurity:
      • Definition: Defending internet-connected systems and data from cyber threats like hacking or phishing.
      • Scope: Targets digital threats (e.g., blocking a phishing email).
    • Key Differences:
      • IA is broadest, encompassing InfoSec and cybersecurity, emphasizing trust.
      • InfoSec is a subset of IA, focusing on data protection.
      • Cybersecurity is a subset of InfoSec, addressing cyber threats.
  3. CIA Triad & Parkerian Hexad (40 minutes)
    • CIA Triad:
      • Confidentiality: Restricting access to authorized users (e.g., password-protecting grades).
      • Integrity: Ensuring data accuracy (e.g., preventing grade tampering).
      • Availability: Keeping systems accessible (e.g., ensuring registration systems work).
    • Parkerian Hexad: Expands CIA with three additional principles:
      • Authenticity: Verifying the identity of users or data sources (e.g., ensuring an email is from a real professor).
      • Possession or Control: Maintaining control over data (e.g., preventing data theft even if confidentiality is intact).
      • Utility: Ensuring data remains useful (e.g., avoiding encryption that renders data unusable).
    • Comparison: CIA focuses on core protections; Hexad adds nuanced principles for comprehensive security.
    • Activity: Students match scenarios to CIA or Hexad principles (e.g., “Fake login page” = authenticity breach; “Hacked email” = confidentiality breach).
  4. Wrap-Up & Q&A (10 minutes)
    • Review definitions, CIA, and Hexad.
    • Answer questions.

“The Parkerian Hexad gives us a fuller picture of security, beyond just locking data away—it’s about trust, control, and usefulness.”

– Adapted from Donn Parker’s Work

Materials

  • Slide deck: IA, InfoSec, Cybersecurity, CIA & Parkerian Hexad (provided by instructor).
  • Handout: CIA Triad & Parkerian Hexad Scenarios (download below).
Download Scenarios Handout

Lecture 2: Real-World Examples & Group Discussion

Duration: 1.5 hours
Format: In-person or online (synchronous)

Agenda

  1. Warm-Up Activity (15 minutes)
    • Poll: “Have you faced a cyber issue (e.g., phishing, hacked account)?”
    • Discuss: Which CIA or Hexad principle was affected?
  2. Real-World Examples (30 minutes)
    • Examples tied to definitions and frameworks:
      • IA: University verifies backups during a system upgrade (utility, possession).
      • InfoSec: Campus IT uses encryption for student records (confidentiality).
      • Cybersecurity: IT blocks a phishing attack (authenticity).
    • Impacts: Privacy loss, academic disruptions, financial costs.
  3. Group Discussion: Case Study (30 minutes)
    • Case: A university email system is hacked, exposing student data, with a fake login page and system downtime.
    • Questions:
      • Which aspects relate to IA, InfoSec, or Cybersecurity?
      • Which CIA and Parkerian Hexad principles are violated?
      • What prevention measures could apply?
    • Groups (4–5 students) discuss and present findings.
  4. Wrap-Up & Lab Preview (15 minutes)
    • Summarize insights.
    • Introduce lab: Password strength and InfoSec.

Materials

  • Slide deck: Real-World Examples (provided by instructor).
  • Case Study Handout: University Email Breach (download below).
Download Case Study Handout

Lab: Exploring Password Strength

Duration: 1–2 hours
Format: In-person computer lab or virtual (using personal devices)

Objective

Understand how strong passwords enhance information security, focusing on confidentiality and authenticity in the CIA triad and Parkerian Hexad.

Instructions

  1. Setup (10 minutes)
    • Use a password strength checker (e.g., Security.org or Kaspersky).
    • Warning: Use fictional passwords only.
  2. Activity (30–40 minutes)
    • Test five passwords, varying:
      • Length (e.g., 6 vs. 12 characters).
      • Character types (e.g., letters vs. letters + symbols).
      • Common words (e.g., “password123” vs. “Tr0ub4dor&rex”).
    • Record feedback (e.g., “Weak,” “Strong,” crack time).
    • Answer:
      • How does password strength support confidentiality and authenticity?
      • Why is this an InfoSec practice?
      • How does it relate to IA’s focus on trust?
  3. Group Sharing (15 minutes)
    • Pair up to compare results.
    • Discuss: How do passwords fit into CIA and Hexad principles?
  4. Submission (5 minutes)
    • Submit a 1-page lab report with results and answers.

Requirements

  • Device with internet access.
  • Lab report template (download below).
Download Lab Report Template

Grading: 10 points (5 for completion, 5 for reflection).

Assignments

1. Case Study Analysis: University Email Breach

Due: End of Week 1
Points: 10

Analyze the case study (1–2 pages):

  • Identify aspects of IA, InfoSec, and Cybersecurity.
  • Explain violations of CIA triad and Parkerian Hexad principles.
  • Suggest prevention measures.

Submission: Upload to LMS (e.g., Canvas).

2. Discussion Post: Personal Cybersecurity Experiences

Due: End of Week 1
Points: 5

Post (150–200 words) in the forum:

  • Share a cyber incident (personal or news).
  • Classify it as IA, InfoSec, or Cybersecurity and identify affected CIA/Hexad principles.
  • Reply to one classmate’s post.

Grading: 3 points for post, 2 for reply.

Readings

Instructor Notes

Preparation:

  • Prepare slides with visuals (e.g., Venn diagram for IA/InfoSec/Cybersecurity, CIA vs. Hexad table).
  • Test password checker tool for accessibility.
  • Upload handouts/templates to LMS.
  • Set up discussion forum.

Tips for Engagement:

  • Use relatable examples (e.g., fake social media accounts for authenticity).
  • Encourage group participation in scenario activities.
  • Show a 2-minute video (e.g., NIST cybersecurity intro) in Lecture 2.

Accessibility:

  • Provide slides/handouts in PDF for screen readers.
  • Ensure password checker is keyboard-navigable.
  • Offer audio summaries for case study if needed.

Need Help?

Contact the instructor via email or office hours. Visit the LMS for resources and FAQs.

Go to Course LMS
Scroll to Top