Final answer:
The defence in depth layers applicable to the Availability principle are Physical security, Redundancy, and Authentication. While encryption is vital for confidentiality and integrity, it does not directly impact availability.
Step-by-step explanation:
The question is asking us to identify which defence in depth layers are applicable to the Availability principle, which is one of the cornerstones of information security, commonly known as the CIA triad (Confidentiality, Integrity, Availability). When it comes to ensuring Availability, certain measures are taken to ensure that data and systems are accessible when needed. Here are the applicable layers:
- Physical security - This involves measures to protect the physical equipment and facilities that house the systems and data, preventing damage from natural disasters, power outages, or other physical threats that could compromise availability.
- Redundancy - Implementing redundant systems, backups, and failover capabilities ensures that if one component fails, another will take over without interrupting service, thus maintaining availability.
- Authentication - While it's commonly associated with controlling access, it also ensures that legitimate users can access the system when needed, contributing to availability.
Though encryption is an important security tool, it does not directly relate to availability. Instead, it deals with confidentiality and integrity by ensuring that data is only accessible and readable by those who are authorized.