Defense in Depth: A security strategy that employs multiple layers of defense measures across an organization’s technical and procedural boundaries. It is designed to slow down an attack’s progress and provide redundant protective measures in case one system fails or is compromised. This includes not just technical controls like firewalls, antivirus software, and intrusion detection systems but also administrative controls like security policies, training, and physical controls like surveillance and secure locks. The concept is based on a military strategy with the same name, where a series of defensive mechanisms are layered to protect valuable assets. Multiple, complimentary, overlapping security measures.
Categories: CC D1: Security Principles | CCSP D1: Cloud Concepts - Architecture and Design | CISM D3: Information Security Program | CISSP D1: Security and Risk Management | Security+ D3: Security Architecture | SSCP D1: Security Concepts and Practices
« Back to Glossary Index