312-50V10 · Question #125
What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malic
The correct answer is C. Defense in depth. Defense in depth is the security strategy of layering multiple independent controls across an IT infrastructure so that if one control fails, others still provide protection.
Question
What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malicious attacks or potential vulnerabilities? What kind of Web application vulnerability likely exists in their software?
Options
- AHost-Based Intrusion Detection System
- BSecurity through obscurity
- CDefense in depth
- DNetwork-Based Intrusion Detection System
How the community answered
(48 responses)- A2% (1)
- B2% (1)
- C90% (43)
- D6% (3)
Why each option
Defense in depth is the security strategy of layering multiple independent controls across an IT infrastructure so that if one control fails, others still provide protection.
A Host-Based Intrusion Detection System monitors activity on a single host, representing only one layer of security, not a multi-layer strategy.
Security through obscurity relies on hiding system details to deter attackers rather than implementing substantive layered controls, and is not considered a robust security strategy.
Defense in depth is the formal security principle that mandates placing multiple overlapping security controls - such as firewalls, IDS, access controls, and encryption - at different layers of an IT infrastructure. The layered approach ensures no single point of failure can compromise the entire system. This directly matches the question's description of multiple layers improving an organization's security posture.
A Network-Based Intrusion Detection System monitors network traffic at one point in the infrastructure, which is a single control, not a multi-layered defense approach.
Concept tested: Defense in depth multi-layer security strategy
Source: https://csrc.nist.gov/glossary/term/defense_in_depth
Topics
Community Discussion
No community discussion yet for this question.