- Defense in Depth – Also called Layered Defense or Onion Defense.
- We implement multiple overlapping security controls to protect an asset.
- This applies to both physical and logical controls.
- To get to a server, you may have to go through multiple locked doors, security guards, and mantraps.
- To get to data, you may need to get past firewalls, routers, switches, the server, and the application's security.
- Each step may have multiple security controls.
- No single security control secures an asset.
- By implementing Defense in Depth, you improve your organization's Confidentiality, Integrity and Availability.