350-701 · Question #181
Why is it important to have logical security controls on endpoints even though the users are trained to spot security threats and the network devices already help prevent them?
The correct answer is D. because human error or insider threats will still exist. Logical security controls are crucial on endpoints because, despite user training and network-level protections, the inherent risks of human error and insider threats necessitate additional layers of defense directly on the device.
Question
Why is it important to have logical security controls on endpoints even though the users are trained to spot security threats and the network devices already help prevent them?
Options
- Ato prevent theft of the endpoints
- Bbecause defense-in-depth stops at the network
- Cto expose the endpoint to more threats
- Dbecause human error or insider threats will still exist
How the community answered
(34 responses)- A3% (1)
- C6% (2)
- D91% (31)
Why each option
Logical security controls are crucial on endpoints because, despite user training and network-level protections, the inherent risks of human error and insider threats necessitate additional layers of defense directly on the device.
Logical security controls primarily protect data and system integrity, while physical security measures are designed to prevent the theft of endpoints.
Defense-in-depth is a multi-layered security strategy that explicitly extends beyond the network perimeter to encompass endpoints, applications, and data itself.
The purpose of implementing security controls is to reduce exposure to threats, not to increase it.
Even with comprehensive user training and robust network security, human error remains a significant vulnerability, and insider threats can bypass network perimeter defenses. Endpoint logical controls provide a critical last line of defense, mitigating risks that originate from within the network or through user interaction.
Concept tested: Defense-in-depth and endpoint security rationale
Source: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/implementing-a-layered-security-model
Topics
Community Discussion
No community discussion yet for this question.