Home › BCA Cyber Security › cybersecurity › Cybersecurity Fundamentals › DEFENSE IN DEPTH is a strategy that
DEFENSE IN DEPTH is a strategy that
Auses one very strong control to prevent all attacks
Blayered controls — if one fails, others defend
Cencrypts everything regardless of risk
Dmonitors social media
Answer & Solution
Correct answer: B. layered controls — if one fails, others defend
1. DEFENSE IN DEPTH: a layered approach where multiple security controls are applied at different layers.
2. Layers typically include: physical (locked datacenters), network (firewall, IDS), endpoint (antivirus, EDR), application (input validation, secure coding), data (encryption, access control), people (training).
3. Philosophy: ASSUME EACH LAYER WILL EVENTUALLY FAIL. The attacker has to defeat ALL layers, not just one.
4. Originally a military doctrine; adopted by NIST and ISO 27001 frameworks.
5. Option A is the OPPOSITE — single control = single point of failure.
_Source: NIST CSF Appendix A (PR.PT) + general security architecture principle._
Related questions
A HASH FUNCTION (e.g. SHA-256) used for password storage should beWhich of the following is a TYPE of MALWARE that encrypts files and demands payment for thA SECURITY INCIDENT is BEST defined asWhich authentication method requires the user to present at least TWO different categoriesPRINCIPLE OF LEAST PRIVILEGE states thatRisk is commonly expressed as a function ofWithin the RESPOND function, ANALYSIS of detected incidents and COMMUNICATIONS with stakehWhich NIST CSF function ensures that PLANS to RESTORE capabilities or services are execute