312-50V10 · Question #765
Which security strategy requires using several, varying methods to protect IT systems against attacks?
The correct answer is A. Defense in depth. Defense in depth is the security strategy that deliberately uses multiple, varied, and layered controls to protect IT systems. The other options describe unrelated networking or attack concepts.
Question
Which security strategy requires using several, varying methods to protect IT systems against attacks?
Options
- ADefense in depth
- BCovert channels
- CExponential backoff algorithm
- DThree-way handshake
How the community answered
(59 responses)- A90% (53)
- B3% (2)
- C2% (1)
- D5% (3)
Why each option
Defense in depth is the security strategy that deliberately uses multiple, varied, and layered controls to protect IT systems. The other options describe unrelated networking or attack concepts.
Defense in depth is a security architecture strategy that implements multiple overlapping layers of controls - physical, technical, and administrative - so that if any single control fails, additional layers continue to provide protection. It intentionally uses diverse and varied mechanisms to eliminate single points of failure and increase the cost and complexity of a successful attack.
Covert channels are hidden or unauthorized communication paths used to leak information outside normal security controls, making them an attack vector rather than a defensive strategy.
Exponential backoff is a network retry algorithm that progressively increases wait time between retries to reduce congestion, and has no relation to layered security strategy.
The three-way handshake is the TCP connection establishment process (SYN, SYN-ACK, ACK) and describes a protocol mechanism, not a security protection strategy.
Concept tested: Defense in depth layered security strategy
Source: https://csrc.nist.gov/glossary/term/defense_in_depth
Topics
Community Discussion
No community discussion yet for this question.