What is defense in depth?

What will be an ideal response?


One of the basic tenets of security architecture is the layered implementation of security. This layered approach is called defense in depth. To achieve defense in depth, an organization must establish multiple layers of security controls and safeguards, which can be organized into policy, training and education, and technology, as per the CNSS model discussed earlier. While policy itself may not prevent attacks, it certainly prepares the organization to handle them; and coupled with other layers, it can deter attacks. This is true of training and education, which can also provide some defense against non-technical attacks such as employee ignorance and social engineering. Social engineering occurs when attackers try to use social interaction with members of the organization to acquire information that can be used to make further exploits against information assets possible.

Computer Science & Information Technology

You might also like to view...

Which of the following assigns ALT+C as a mnemonic key for the JButton object, clearButton?

A) clearButton.addMnemonic(KeyEvent.VK_C); B) clearButton.setMnemonic(KeyEvent.C); C) clearButton.setMnemonic(KeyEvent.VK_C); D) clearButton.assignMnemonic(KeyEvent.VK_C);

Computer Science & Information Technology

In a rich text control, users can enter text or numbers and modify the format of the text

Indicate whether the statement is true or false

Computer Science & Information Technology

After a user clicks a Twitter Follow button, future updates for the linked account are displayed in the visitor's Twitter feed._________________________

Answer the following statement true (T) or false (F)

Computer Science & Information Technology

Which of the following is NOT drawback of using cloud storage?

A. Increased security risk B. High price of storage C. Possible service outage D. Discontinuation of service

Computer Science & Information Technology