The security categorization framework described in FIPS 199 uses ratings in which three categories?

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

The security categorization framework described in FIPS 199 uses ratings in which three categories?

The concept being tested is the set of categories FIPS 199 uses to classify security impact, known as the CIA triad. The three categories are Confidentiality, Integrity, and Availability. Confidentiality protects information from unauthorized disclosure; Integrity ensures information remains accurate and unaltered, preserving its trustworthiness; Availability ensures authorized users can access the information and systems when needed. An impact rating is assigned in each of these three categories, and together they determine the system's overall security category, typically based on the highest impact rating among them, which then guides the selection of appropriate controls. The other terms shown in the choices, such as privacy or authentication, are important security concepts but are not the three categories used by FIPS 199 for categorization.
