312-50V9 · Question #161
Which security strategy requires using several, varying methods to protect IT systems against attacks?
The correct answer is A. Defense in depth. Defense in depth is the security strategy of applying multiple, varied layers of controls so that failure of one layer does not compromise the entire system.
Question
Which security strategy requires using several, varying methods to protect IT systems against attacks?
Options
- ADefense in depth
- BThree-way handshake
- CCovert channels
- DExponential backoff algorithm
How the community answered
(44 responses)- A89% (39)
- B2% (1)
- C2% (1)
- D7% (3)
Why each option
Defense in depth is the security strategy of applying multiple, varied layers of controls so that failure of one layer does not compromise the entire system.
Defense in depth applies independent layers of security controls - such as firewalls, intrusion detection, encryption, and access controls - so an attacker must defeat each layer separately. Using varying methods ensures no single point of failure compromises the entire system. This layered approach is a foundational principle recognized in frameworks such as NIST SP 800-53 and CompTIA Security+.
The three-way handshake is a TCP connection establishment process (SYN, SYN-ACK, ACK) and is not a strategy for layering protective security controls.
Covert channels are hidden communication paths used to exfiltrate data, representing a security threat rather than a protective defensive strategy.
Exponential backoff is a network retry algorithm that progressively increases wait times between retries and has no relation to layered security defense.
Concept tested: Defense in depth layered security strategy
Source: https://csrc.nist.gov/glossary/term/defense_in_depth
Topics
Community Discussion
No community discussion yet for this question.