What is defense in depth?
What will be an ideal response?
One of the basic tenets of security architecture is the layered implementation of security. This layered approach is called defense in depth. To achieve defense in depth, an organization must establish multiple layers of security controls and safeguards, which can be organized into policy, training and education, and technology, as per the CNSS model discussed earlier. While policy itself may not prevent attacks, it certainly prepares the organization to handle them; and coupled with other layers, it can deter attacks. This is true of training and education, which can also provide some defense against non-technical attacks such as employee ignorance and social engineering. Social engineering occurs when attackers try to use social interaction with members of the organization to acquire information that can be used to make further exploits against information assets possible.
You might also like to view...
________ is a Track Changes view that indicates revisions with a vertical red line in the left margin
A) No Markup B) Original C) Simple Markup D) All Markup
The exception facility should be used when
a. Some resource is unavailable to the compiler b. A program encounters an error and cannot recover, but needs to shut down gracefully, perhaps saving work.. c. A program requests a resource that is not available. d. Array index value is out-of-bounds e. A programmer calls the wrong function f. A division by zero occurs g. There is a compiler detected error h) A call to operator new fails to allocate memory from free store i) An arithmetic error occurs