(ISC)2(ISC)2
CCSP · Question #280
CCSP Question #280: Real Exam Question with Answer & Explanation
The correct answer is D: All of the above. A robust layered defense strategy requires a combination of all types of security controls to protect assets comprehensively.
Submitted by jakub_pl· Apr 18, 2026Cloud Concepts, Architecture and Design
Question
In attempting to provide a layered defense, the security practitioner should convince senior management to include security controls of which type? Response:
Options
- ATechnological
- BPhysical
- CAdministrative
- DAll of the above
Explanation
A robust layered defense strategy requires a combination of all types of security controls to protect assets comprehensively.
Common mistakes.
- A. Technological controls alone, while crucial, do not cover physical access or human behavior aspects of security.
- B. Physical controls prevent unauthorized access to facilities and hardware but do not protect against cyber threats or user errors.
- C. Administrative controls establish policies and procedures but require technological and physical enforcement to be fully effective.
Concept tested. Defense in depth security controls
Reference. https://learn.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-overview
Topics
#Layered Defense#Defense in Depth#Security Controls#Types of Security Controls
Community Discussion
No community discussion yet for this question.