LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

Explain Defense in Depth with a practical example.

Stack multiple independent security layers so that if one fails, the next still stops the attack — no single control is trusted to catch everything.

A concentric onion model with four nested layers: network, host, application, data.

* The defense-in-depth onion — each layer an independent barrier, so an attacker must defeat all of them in turn to reach the data at the core. *

Example — Protecting a web application (5 layers):

  1. Network layer — Firewall blocks unused ports, only 443 open
  2. Reverse proxy — WAF filters common attacks (SQLi, XSS patterns)
  3. Application layer — Input validation rejects malicious data
  4. Database layer — Parameterized queries prevent SQL injection even if validation fails
  5. Data layer — Sensitive fields encrypted, so DB breach doesn't expose plaintext

How it works: If an attacker bypasses the WAF with an obfuscated payload, input validation might catch it. If that fails, parameterized queries prevent execution. If data is accessed, encryption protects it.

Analogy: Like a castle with walls, moat, and keep — no single layer is trusted to stop all attacks.

Go deeper:

From Quiz: SPRG / Secure Architecture & Design | Updated: Jul 05, 2026