Question

Which controls constitute a defense-in-depth strategy in cybersecurity?

A) Firewalls and Antivirus software
B) Encryption and Access Controls
C) Intrusion Detection Systems (IDS) and Security Awareness Training
D) Password Policies and Biometric Authentication

Answer 1

A defense-in-depth strategy in cybersecurity involves implementing multiple layers of security controls to protect against threats, such as firewalls, encryption, IDS, security awareness training, password policies, and biometric authentication.

Step-by-step explanation:

A defense-in-depth strategy in cybersecurity involves implementing multiple layers of security controls to protect against threats. The controls that constitute a defense-in-depth strategy include:

1. Firewalls - These act as a barrier between a trusted internal network and an external network, controlling incoming and outgoing network traffic.
2. Encryption - This involves converting data into a secret code to prevent unauthorized access.
3. Intrusion Detection Systems (IDS) - These monitor network traffic for suspicious activities or potential attacks.
4. Security Awareness Training - This involves educating users about best practices, such as avoiding phishing emails and using strong passwords, to prevent security breaches.
5. Password Policies - These specify requirements for creating and managing passwords, ensuring better security.
6. Biometric Authentication - This uses unique physical or behavioral characteristics, like fingerprints or facial recognition, for authentication.