Question

in information security, the concept of defense in depth is based on the concept of layering more than one control. these controls can be physical, administrative, or technical in design. group of answer choices true false

Answer 1

Defense in depth in information security is based on layering multiple controls such as physical, administrative, or technical to provide redundancy and increase security. This is true.

Therefore, the correct answer is: option 'true'.

Step-by-step explanation:

Defense in depth is a strategy that leverages multiple security measures to protect an organization's assets. The thinking is that if one line of defense is compromised, additional layers exist as a backup to ensure that threats are stopped along the way.

This multifaceted approach is designed to provide redundant defense measures in case one control fails or is bypassed.

Controls could include physical barriers like locks and security guards, administrative measures such as policies and user training, and technical elements like firewalls, antivirus software, and intrusion detection systems. True to its military origins, this strategy is about creating a series of obstacles that make an attack successively more difficult.