Exam CISSP topic 1 question 43 discussion

Actual exam question from ISC's CISSP
Question #: 43
Topic #: 1

The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards BEST describes this security approach?

  • A. Access control
  • B. Security information and event management (SIEM)
  • C. Defense-in-depth
  • D. Security perimeter
Suggested Answer: C

Comments

RVoigt
Highly Voted 2 years, 1 month ago
Selected Answer: D
CISSP Official Study Guide pg 73 - Defense in depth includes administrative, technical (logical) and physical controls. What's listed is only physical controls. Answer is D.
upvoted 14 times
CCNPWILL
10 months ago
So a PIN number is a physical control? The correct answer is C my guy.
upvoted 2 times
Ramye
9 months, 2 weeks ago
Yes, the PIN for the card that you need to use to get into the building.
upvoted 1 times
...
...
jens23
1 year, 9 months ago
Exactly!
upvoted 2 times
...
...
GenesisTech
Highly Voted 2 years, 5 months ago
Selected Answer: C
MFA + physical layer. (defense in depth)
upvoted 7 times
jackdryan
1 year, 11 months ago
C is correct
upvoted 3 times
...
...
Imranbhatti
Most Recent 3 weeks, 4 days ago
Selected Answer: D
The correct answer is D. Security perimeter. A security perimeter involves the use of physical and logical measures to protect the boundaries of a secure area. This includes physical barriers, card and PIN access systems, cameras, alarms, and security guards, all of which are designed to prevent unauthorized access and detect any security breaches. Option C, "Defense-in-depth," is incorrect in this context because it refers to a layered security strategy that employs multiple security measures to protect information and systems. While defense-in-depth can include physical security measures, it also encompasses a wide range of other controls, such as technical, administrative, and procedural safeguards. The scenario described focuses specifically on physical security measures like barriers, access systems, cameras, alarms, and security guards, which are best categorized under the concept of a security perimeter. This term specifically addresses the physical boundaries and measures used to protect a secure area.
upvoted 1 times
...
CKaraf
3 weeks, 4 days ago
Selected Answer: D
D. Not C, as there is no mention of network security, for example.
upvoted 1 times
...
iRyae
1 month, 2 weeks ago
Selected Answer: D
While defense-in-depth includes perimeter security, the description focuses specifically on the outer layer of security: physical barriers, card/PIN access, cameras, alarms, and guards. These elements work together to control and monitor access to a secured area, which is the core concept of a security perimeter. Defense-in-depth would encompass multiple layers of security beyond just the perimeter.
upvoted 1 times
...
easyp
2 months ago
Selected Answer: C
The correct answer is: C. Defense-in-depth

Explanation: The scenario describes multiple layers of security controls designed to protect an organization's assets. This approach is known as defense-in-depth, which involves implementing various types of security measures at different levels to create overlapping defenses. The goal is to ensure that if one security measure is bypassed, others remain in place to mitigate the risk.

Breakdown of Components in the Scenario:
  • Physical barriers: Prevent unauthorized access to facilities.
  • Card and PIN access systems: Provide an additional layer of authentication.
  • Cameras and alarms: Detect and deter unauthorized activities.
  • Security guards: Act as a human layer of enforcement and monitoring.

Each of these components contributes to an overall strategy of layering security to protect against a range of threats.
upvoted 1 times
...
lifre
2 months, 3 weeks ago
Selected Answer: A
In my opinion, the correct answer is “A” – Access control. SIEM is not dealing with physical controls and instead focuses on data collection and analysis, regarding a completely different layer. Defense-in-depth describes a concept of multiple layers of security controls that provides security in case of the failure of one or more layers. I can’t see this approach here. Security perimeter would describe the subset of physical access controls that are described here (e.g. physical barriers), but overall I’d say that “Access control” would be the broader definition to include all of the mentioned measurements.
upvoted 1 times
...
Fouad777
3 months, 2 weeks ago
Selected Answer: C
Defense-in-depth is a comprehensive security strategy that employs multiple layers of security controls across various levels of an organization to protect against threats. The idea is to create a layered defense, so if one security measure fails, other layers still provide protection. The components mentioned—physical barriers, card and PIN access systems, cameras, alarms, and security guards—are all elements of physical security and access control, which are part of a broader defense-in-depth strategy. These measures work together to provide redundancy, so even if one layer is bypassed, others are still in place to protect the organization.
upvoted 1 times
SangSang
2 months, 3 weeks ago
Stop using ChatGPT, use your brain please.
upvoted 1 times
...
...
Zapepelele
3 months, 2 weeks ago
Selected Answer: C
Defense-in-depth does indeed encompass the elements described in option D, Security perimeter, along with additional layers of security measures.
upvoted 1 times
...
somsom
5 months, 2 weeks ago
C is the correct answer. A security perimeter example is a firewall.
upvoted 1 times
...
M_MUN17
5 months, 3 weeks ago
Selected Answer: C
Defense-in-depth is a security strategy that employs multiple layers of security controls to protect an organization's assets. The use of physical barriers, card and PIN access systems, cameras, alarms, and security guards exemplifies this approach, as it combines various security measures to provide a comprehensive defense against unauthorized access or threats.

The other options are less accurate in this context:
  • A. Access control focuses specifically on the policies and procedures for granting or denying access to resources.
  • B. Security information and event management (SIEM) refers to systems that aggregate and analyze security data from various sources, which is not directly related to physical security measures.
  • D. Security perimeter typically refers to the boundary around an organization’s physical or network environment but does not encompass the multi-layered nature of defense-in-depth.
upvoted 2 times
...
deeden
8 months ago
Selected Answer: C
I feel like C is most appropriate. A perimeter is just one layer, more like a fence. Imagine walking in to a facility with all these controls mentioned as you approach from the gate, to the parking lot, and finally the building entrance.
upvoted 2 times
...
iamlamzzy
9 months, 1 week ago
Selected Answer: C
  • A. Access control: This refers specifically to mechanisms that manage who or what is allowed to access resources, which would include card and PIN systems but not necessarily the broader range of physical security measures mentioned.
  • B. Security information and event management (SIEM): This involves the collection, analysis, and reporting of security data from various sources, primarily focused on digital events rather than physical security measures.
  • C. Defense-in-depth: This is a comprehensive strategy that integrates multiple layers of security, including both physical and logical controls. The description given fits this approach as it includes multiple layers of physical security measures.
  • D. Security perimeter: This generally refers to the boundary that separates a secured area from a non-secured area. While it can include some of the elements mentioned, it does not fully encapsulate the range of security measures described.
upvoted 2 times
1460168
8 months, 1 week ago
D: Is boundary, correct. C: Is physical and logical (PIN Number), correct.
upvoted 1 times
...
...
CCNPWILL
10 months ago
Selected Answer: C
Def in depth. Physical barrier and knowing a PIN number are already different controls.
upvoted 1 times
...
Skittle4710
10 months ago
Selected Answer: C
C. Defense-in-depth

The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards best describes a defense-in-depth security approach. Defense-in-depth is a layered security strategy that employs multiple, overlapping security measures to protect assets. This approach ensures that if one security measure fails, others are in place to provide continued protection. By implementing a variety of security controls across different layers (physical, technical, and administrative), organizations can better safeguard their resources against various threats.
upvoted 1 times
...
duplexjay
10 months, 1 week ago
I was tempted to go with A, but after reading the CBK Reference book, I concluded the answer is D. The key phrase is "security approach." While all those mentioned are access control methods, when applied together, it is a defense-in-depth security approach.
upvoted 1 times
...
Jenkins3mol
11 months, 1 week ago
Selected Answer: D
Don't overthink it
upvoted 1 times
...