Defense in Depth

Questions and Answers

Which layer of defense in depth is responsible for implementing measures such as firewalls, proxy, stateful packet inspection, and vulnerability analysis?

• Internal network
• Network perimeter (correct)
• External network
• Host

What is the main goal of defense in depth in an information security setting?

• To keep every attacker out indefinitely
• To delay attackers from cracking passwords
• To place enough defensive measures between important assets and attackers (correct)
• To prevent any attack from happening

Which layer of defense in depth is responsible for implementing measures such as IDS, IPS, logging, auditing, penetration testing, and vulnerability analysis?

• External network
• Network perimeter
• Host
• Internal network (correct)

What is the purpose of a delaying tactic in defense in depth?

To make it harder for attackers to crack passwords (A)

Which layer of defense in depth is responsible for implementing measures such as authentication, antivirus, firewalls, IDS, IPS, passwords, hashing, logging, auditing, penetration testing, and vulnerability analysis?

Host (C)

Which layer of defense in depth is responsible for implementing measures such as DMZ, VPN, logging, auditing, penetration testing, and vulnerability analysis?

External network (C)

What is the purpose of risk in the context of information security?

To assess the likelihood of an attack (D)

Which layer of defense in depth is responsible for implementing measures such as firewalls, proxy, logging, stateful packet inspection, penetration testing, and vulnerability analysis?

Network perimeter (B)

What is the purpose of defense in depth in an information security setting?

To provide enough time to detect and prevent attacks (C)