CISSP PRACTICE QUESTIONS – 20201201

Effective CISSP Questions

“Defense in depth”, sometimes also known as layered defense, is one of the most important approaches to trustworthy secure system development. Which of the following is true?
A. It creates parallel barriers to prevent, delay, or deter an attack.
B. It achieves greater trustworthiness than the individual security components used.
C. It is an alternative to a balanced application of security concepts and design principles.
D. Its concepts are not the same as the security design principles of modularity and layering.

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Its concepts are not the same as the security design principles of modularity and layering.

NIST SP 800-160 V1 and ISO 15288

NIST SP 800-160 V1 highlights that the concepts of defense in depth are not the same as the security design principles of modularity and layering applied to manage complexity by decomposition or divide-and-conquer.

The security design principles of modularity and layering are not the same as the concept of defense in depth, which is discussed in Section F.4.

* Modularity serves to isolate functions and related data structures into well-defined logical units.
* Layering allows the relationships of these units to be better understood, so that dependencies are clear and undesired complexity can be avoided.

Source: NIST 800-160, VOLUME 1

Defense in depth

  • Defense in depth creates a series of barriers, typically arranged serially rather than in parallel, to prevent, delay, or deter an attack.
  • Defense in depth typically, but not always, achieves greater trustworthiness than the individual security components used. For example, fences and guards verifying employees’ badges, arranged serially, may not be more trustworthy than a single multifactor physical access control system (PACS).
  • Defense in depth complements, and is not an alternative to, the balanced application of security concepts and design principles, and vice versa.

CISSP = Onion + Peacock

Development Approaches

There are three overarching strategies or approaches that may be applied in the development of trustworthy secure systems:

  • Reference Monitor Concept
  • Defense in Depth
  • Isolation

Defense in depth describes security architectures constructed through the application of multiple mechanisms to create a series of barriers to prevent, delay, or deter an attack by an adversary.

Source: NIST 800-160, VOLUME 1

Architectural Design

Layer vs Tier

Architecture considerations for the achievement of defined stakeholder capability and assurance objectives are a multidisciplinary design problem. Security subject-matter expertise is required to help ensure that the appropriate protections and assurances are provided in all architecture and design views and viewpoints. This includes, but is not limited to:
* fault detection and recovery;
* exception handling;
* minimization or elimination of single-point-of-failure;
* load balancing; and
* defense-in-depth and defense in breadth techniques.

Source: NIST 800-160, VOLUME 1


