Scenario 1 - Confidentiality:

You are an IT security analyst for a large financial institution. One of your colleagues mistakenly
sent an email containing sensitive customer financial data to the wrong recipient. The colleague
is currently on vacation, and you need to respond to this incident quickly. What steps do you take
to address the breach in confidentiality, and what measures can you put in place to prevent such
incidents in the future?

Scenario 2 - Availability:

You work as a network administrator for a major e-commerce company during a high-traffic
holiday season. Suddenly, your website experiences a Distributed Denial of Service (DDoS)
attack that's causing your online store to become inaccessible to customers. The attack is
affecting your company's ability to generate revenue during a critical time of the year. How
would you ensure the availability of your e-commerce website during this attack, and what
strategies can you implement to proactively protect against future DDoS attacks?

These scenarios test the model's ability to respond to situations related to the three pillars of the
CIA model: Confidentiality, Integrity, and Availability, which are fundamental principles of
information security.