LOGBOOK

HELP

Quiz Entry - updated: 2026.06.01

What is the defense-in-depth principle in access control, and why is it called "layered security"?

Multiple independent layers of defence — if one fails, the next one still protects the asset.

A medieval castle is the classic analogy:

  • Moat — outermost barrier
  • High hard walls — first physical layer
  • Limited entry points — chokepoints for inspection
  • Guards check identity — authentication
  • Inner walls — second physical layer
  • Watch towers — monitoring/detection

Mapped to information security:

  • Network: perimeter firewall + internal segmentation + host firewalls.
  • Authentication: password + 2FA token + device certificate.
  • Authorisation: role check + per-request server-side ACL check + database row-level security.
  • Monitoring: endpoint EDR + SIEM correlation + manual review.

Why one layer is never enough:

  • Any single control will eventually fail (zero-day, misconfiguration, social engineering).
  • Defence-in-depth assumes failure of each layer and asks: if this one is bypassed, what stops the attacker next?
  • The attacker has to defeat all layers; the defender only needs one to hold.

From Quiz: ISF / Access Control | Updated: Jun 01, 2026