nerdexam
(ISC)2

CERTIFIED-IN-CYBERSECURITY Question #432: Real Exam Question with Answer & Explanation

The correct answer is A: A strategy that uses multiple security measures to protect an organization's systems.

Security Principles

Question

The term "defense in depth" refers to:

Options

  • A. A strategy that uses multiple security measures to protect an organization's systems
  • B. Using only the most sophisticated technology to protect the system
  • C. The use of only technological measures for defense
  • D. The use of only one strong barrier to prevent cyber attacks

Explanation

Defense in depth refers to a strategy that uses multiple security measures to protect an organization's information (see ISC2 Study Guide Chapter 3, Module 1). This strategy is based on the military principle that it is more difficult for an adversary to defeat a complex and layered defense system than it is to penetrate a single strong barrier. For example, an organization might use a combination of firewalls, intrusion detection systems, encryption, and user authentication to protect its network. Each security measure provides a layer of defense that would have to be breached to gain unauthorized access to the network. The other options are wrong because defense in depth involves using a variety of security measures, not just a single strong barrier, the most sophisticated technology, or just technological measures. This comprehensive approach includes administrative, technical, and physical controls.

Topics

#Defense in depth · #Layered security · #Security principles · #Security architecture
