What is defense in depth?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the WGU ITAS 2142 D830 Introduction to Cryptography Exam. Review flashcards and multiple choice questions with hints and explanations. Get ready for your exam!

Multiple Choice

What is defense in depth?

Explanation:
Defense in depth means protecting systems by stacking multiple, independent security controls so that if one layer is bypassed, others still stand guard. It relies on a combination of measures across people, processes, and technology to create overlapping protections that address different attack vectors. Think of it as building several barriers: network boundaries like firewalls and intrusion detection, strong access controls and multi-factor authentication, data protection such as encryption at rest and in transit, ongoing monitoring and incident response, and regular backups with tested recovery. Each layer counters different methods an attacker might use, and together they reduce the chance that a single weakness leads to a compromise. If one control fails, others still help detect, delay, or block the threat. This is why the layered security approach is the best description. The other options describe narrower ideas: a single-layer defense is the opposite of defense in depth; zero trust is a specific security model about never trusting by default and continuously verifying, which can be part of a defense-in-depth strategy but isn’t the overall concept itself; data in use encryption is a single control, not the overall approach of using multiple layers.

Defense in depth means protecting systems by stacking multiple, independent security controls so that if one layer is bypassed, others still stand guard. It relies on a combination of measures across people, processes, and technology to create overlapping protections that address different attack vectors.

Think of it as building several barriers: network boundaries like firewalls and intrusion detection, strong access controls and multi-factor authentication, data protection such as encryption at rest and in transit, ongoing monitoring and incident response, and regular backups with tested recovery. Each layer counters different methods an attacker might use, and together they reduce the chance that a single weakness leads to a compromise. If one control fails, others still help detect, delay, or block the threat.

This is why the layered security approach is the best description. The other options describe narrower ideas: a single-layer defense is the opposite of defense in depth; zero trust is a specific security model about never trusting by default and continuously verifying, which can be part of a defense-in-depth strategy but isn’t the overall concept itself; data in use encryption is a single control, not the overall approach of using multiple layers.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy