CISSP – Defense in Depth

  • Defense in Depth – Also called Layered Defense or Onion Defense.
    • We implement multiple overlapping security controls to protect an asset.
    • This applies both to physical and logical controls.
    • To get to a server you may have to go through multiple locked doors, security guards, man traps.
    • To get to data you may need to get past firewalls, routers, switches, the server, and the applications security.
    • Each step may have multiple security controls.
    • No single security control secures an asset.
    • By implementing Defense in Depth you improve your organizations Confidentiality, Integrity and Availability.

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

You may also like

Leave a Reply