Defense in Depth

Questions and Answers

Which of the following best describes the concept of defense in depth?

• Applying multiple controls on top of one another (correct)
• Implementing multilayers of authentication
• Using locks on hardware server cabinets
• Controlling visitors in the building

What is an example of defense in depth?

• Implementing multilayers of authentication
• Using locks on hardware server cabinets
• Applying a single control to protect the system (correct)
• Controlling visitors in the building

How does defense in depth differ from a single control approach?

• Defense in depth focuses on physical security, while a single control approach focuses on logical security
• Defense in depth uses multiple controls, while a single control approach uses only one control (correct)
• Defense in depth is an ancient concept, while a single control approach is a modern concept
• Defense in depth is more expensive to implement than a single control approach

Flashcards are hidden until you start studying

Study Notes

Defense in Depth Concept

• Defense in depth is a security strategy that involves multiple layers of defense to protect against various types of threats or attacks.
• It is a multi-layered approach to security that aims to slow down or stop attackers, even if one or more layers are breached.

Example of Defense in Depth

• A network with a firewall, intrusion detection system, and encryption is an example of defense in depth, as it provides multiple layers of protection against unauthorized access.

Difference from Single Control Approach

• Defense in depth differs from a single control approach, which relies on a single security mechanism to prevent attacks, making it a single point of failure.
• A single control approach is vulnerable to exploitation if the single control is breached or compromised, whereas defense in depth provides a more robust and resilient security posture.