Concept 13
Defense in Depth
Using multiple layers of security instead of relying on one control.
Defense in depth means using multiple layers of security instead of relying on only one protection method.
The idea is:
“If one security control fails, another still protects the system.”
Examples of layers:
- Firewall
- Antivirus
- MFA
- Security awareness training
- Access controls