Which of the following is the best description of the defense in depth strategy?
Defense in Depth (DiD) refers to an information security approach in which a series of security mechanisms and controls are thoughtfully layered throughout a computer network to protect the confidentiality, integrity, and availability of the network and the data within. While no individual mitigation can stop all cyber threats, together they provide mitigations against a wide variety of threats while incorporating redundancy in the event one mechanism fails. When successful, this approach significantly bolsters network security against many attack vectors. An effective DiD strategy may include these (and other) security best practices, tools, and policies. Show
Why does it matter:There is no silver bullet in cybersecurity, however, a DiD strategy ensures network security is redundant, preventing any single point of failure. DiD strategy significantly increases the time and complexity required to successfully compromise a network, which further drains the resources of engaged cyber threat actors and increases the chances that an active attack is identified and mitigated before completion. What you can do:Implementing DiD can be a resource-intensive undertaking. As such, election offices should follow a risk-based approach to evaluate existing network environments and ensure key sensitive assets are protected using this security strategy and the security best practices, tools, and policies described above. Center for Internet Security (CIS) and EI-ISAC resources are designed with DiD concepts in mind. Election offices are encouraged to work with their information technology staff to implement the best practices found in the CIS Handbook for Elections Infrastructure Security, Guide for Ensuring Security in Election Technology Procurements, and Security Best Practices for Non-Voting Election Technology. Additionally, election offices are encouraged to enroll in the EI-ISAC indicator sharing program and review the recent EI-ISAC Blog Post “I Joined the EI-ISAC® – Now What?” This will ensure election offices ingest the most up-to-date indicators into their security devices and leverage other actionable EI-ISAC services as they develop their DiD strategy. What is defenseDefinition. 1 / 8. Multiple overlapping layers of defense. (Defense in depth involves having multiple layers of security in place, with overlapping defenses that provide multiple points of protection.)
What is one of the primary benefits of a defenseOne of the primary benefits of a defense-in-depth strategy is that even if a single control (such as a firewall or IPS) fails, other controls can still protect your environment and assets.. 2.
Which of the following best describes the term attack surface?An attack surface is defined as the total number of all possible entry points for unauthorized access into any system.
Which term describes the central component of an operating system?The kernel is a computer program at the core of a computer's operating system and generally has complete control over everything in the system. It is the portion of the operating system code that is always resident in memory and facilitates interactions between hardware and software components.
|