Practice free →
HomeBCA Cyber SecuritycybersecurityCybersecurity Fundamentals › DEFENSE IN DEPTH is a strategy that

DEFENSE IN DEPTH is a strategy that

Auses one very strong control to prevent all attacks
Blayered controls — if one fails, others defend
Cencrypts everything regardless of risk
Dmonitors social media
Answer & Solution
Correct answer: B. layered controls — if one fails, others defend
1. DEFENSE IN DEPTH: a layered approach where multiple security controls are applied at different layers. 2. Layers typically include: physical (locked datacenters), network (firewall, IDS), endpoint (antivirus, EDR), application (input validation, secure coding), data (encryption, access control), people (training). 3. Philosophy: ASSUME EACH LAYER WILL EVENTUALLY FAIL. The attacker has to defeat ALL layers, not just one. 4. Originally a military doctrine; adopted by NIST and ISO 27001 frameworks. 5. Option A is the OPPOSITE — single control = single point of failure. _Source: NIST CSF Appendix A (PR.PT) + general security architecture principle._
Solve this in the app — BCA Cyber Security practice & 24k+ MCQs →
Related questions