Discuss defense in depth.
What will be an ideal response?
The components and approaches to security should be arranged to provide layers of network defense. This layering approach to network security is often called defense in depth (DiD). The National Security Agency (NSA) originally designed DiD as a best practices strategy for achieving information assurance.
When beginning with an unprotected system, the first layer of defense added is always the most effective. As more layers are stacked on the first, potential attackers must successfully breach each layer to gain access to the next one. However, adding layers also adds increasing complexity for system administrators. Security enhancements must be balanced against the cost to maintain and monitor defenses. DiD does eventually reach a point where the cost of implementing additional security outweighs the potential benefits.
You might also like to view...
Merge ________ will merge selected cells without centering their contents
Fill in the blank(s) with correct word
Answer the following statements true (T) or false (F)
1. Format-preserving encryption refers to any encryption technique that takes a plaintext in a given format and produces a ciphertext in the same format. 2. It is possible to convert a block cipher into a stream cipher using cipher feedback, output feedback and counter modes. 3. Cipher Feedback Mode conforms to the typical construction of a stream cipher. 4. OFB mode requires an initialization vector that must be unique to each execution of the encryption operation. 5. The XTS-AES mode is based on the concept of a tweakable block cipher.