CERTIFIED-IN-CYBERSECURITY Question #786: Real Exam Question with Answer & Explanation

The correct answer is C: Defense in Depth.

Security Principles

Question

Which concept describes an information security strategy that integrates people, technology and operations in order to establish security controls across multiple layers of the organization?

Options

  • A. Separation of Duties
  • B. Least Privilege
  • C. Defense in Depth
  • D. Privileged Accounts

Explanation

Defense in depth describes a cybersecurity approach that uses multiple layers of security for holistic protection (see ISC2 Study Guide Chapter 1, Module 3). According to the principle of Separation of Duties, no user should ever be given enough privileges to misuse the system on their own. The principle of Least Privilege dictates that users should be given only those privileges required to complete their specific tasks. Privileged Accounts are a class of accounts that have permissions exceeding those of regular users, such as manager and administrator

Topics

#Defense in Depth #Security Principles #Layered Security #Security Strategy
