CERTIFIED-IN-CYBERSECURITY · Question #415
CERTIFIED-IN-CYBERSECURITY Question #415: Real Exam Question with Answer & Explanation
The correct answer is D: Prevent or deter a cyberattack using multiple layers of security measures.
Question
What is the PRIMARY goal of enforcing defense in depth?
Options
- A. Make the organization's network impenetrable to attacks
- B. Guarantee that no cyberattacks will occur
- C. Replace outdated security measures with more advanced ones
- D. Prevent or deter a cyberattack using multiple layers of security measures
Explanation
Defense in depth is a strategy that employs a series of defensive mechanisms so that if one security control fails, another will be in place to block or limit the attack (see ISC2 Study Guide Chapter 3, Module 1). Overall, the goal of defense in depth is to prevent or deter a cyberattack using multiple layers of security measures. For example, an organization might have a firewall to block unauthorized access, encryption to protect sensitive data, and intrusion detection systems to identify and respond to potential threats. The other options are incorrect because defense in depth does not guarantee that cyberattacks will not occur, nor does it aim to make the organization's network impenetrable to attacks, because no security mechanism can provide that guarantee. A specific defense-in-depth initiative may require replacing outdated security measures with more advanced ones, but that is not its primary purpose.