When the facility has a fence, guards, a locked front door and locked interior doors, it called what?
- separation of duties
- defense in depth
A defense in depth strategy prescribes that multiple impediments be presented to a malicious individual. In this case, multiple physical hurdles are presented, but they can also be technical hurdles such as multiple firewalls. Defense in-depth is a multi-layered approach to security that establishes a robust defensive strategy against attackers. This strategy prevents a single attack from being sufficient to breach an environment, forcing attackers to use complex, multi-pronged, daisy-chain attacks that are more likely to fail or be detected during the attempt.
Separation of duties prescribes that any operation susceptible to fraud should be broken into two tasks, with each task given to a different person.
Piggybacking is a social engineering attack in which an unauthorized individual enters a locked door after an authorized individual unlocks the door.
An acceptable use policy defines the manner in which employees are allowed to use a company’s network equipment and resources, such as bandwidth, Internet access, and e-mail services.
Objective: Security Concepts
Sub-Objective: Describe the principles of the defense in depth strategy