Exam CISSP topic 1 question 43 discussion

CISSP Official Study Guide pg 73 - Defense in depth includes administrative, technical (logical) and physical controls. What's listed is only physical controls. Answer is D.

MFA + physical layer. (defense in depth)

C is the correct answer, A security perimeter example is a firewall,

Defense-in-depth is a security strategy that employs multiple layers of security controls to protect an organization's assets. The use of physical barriers, card and PIN access systems, cameras, alarms, and security guards exemplifies this approach, as it combines various security measures to provide a comprehensive defense against unauthorized access or threats. The other options are less accurate in this context: A. Access control focuses specifically on the policies and procedures for granting or denying access to resources. B. Security information and event management (SIEM) refers to systems that aggregate and analyze security data from various sources, which is not directly related to physical security measures. D. Security perimeter typically refers to the boundary around an organization’s physical or network environment but does not encompass the multi-layered nature of defense-in-depth.

I feel like C is most appropriate. A perimeter is just one layer, more like a fence. Imagine walking in to a facility with all these controls mentioned as you approach from the gate, to the parking lot, and finally the building entrance.

A. Access control: This refers specifically to mechanisms that manage who or what is allowed to access resources, which would include card and PIN systems but not necessarily the broader range of physical security measures mentioned. B. Security information and event management (SIEM): This involves the collection, analysis, and reporting of security data from various sources, primarily focused on digital events rather than physical security measures. C. Defense-in-depth: This is a comprehensive strategy that integrates multiple layers of security, including both physical and logical controls. The description given fits this approach as it includes multiple layers of physical security measures. D. Security perimeter: This generally refers to the boundary that separates a secured area from a non-secured area. While it can include some of the elements mentioned, it does not fully encapsulate the range of security measures described.

Def in depth. physical barrier and knowing a PIN number is already different controls.

C. Defense-in-depth The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards best describes a defense-in-depth security approach. Defense-in-depth is a layered security strategy that employs multiple, overlapping security measures to protect assets. This approach ensures that if one security measure fails, others are in place to provide continued protection. By implementing a variety of security controls across different layers (physical, technical, and administrative), organizations can better safeguard their resources against various threats.

I was tempted to go with A, but after reading the CBK Reference book, I concluded the answer is D. The key phrase is "security approach." While all those mentioned are access control methods, when applied together, it is a defense-in-depth security approach.

Don't overthink it

I agree with C:, however, Microsoft Co-Pilot states it's D.

From OSG (pg. 1006). The existence of zero-day vulnerabilities makes it critical that you have a defense-in-depth approach to cybersecurity that incorporates a varied set of --'overlapping security controls'.

A. Access control. Explanation: Access control refers to the measures put in place to regulate and monitor who can access specific resources or areas within a facility or system. This includes physical access control mechanisms such as physical barriers, card access systems, PIN access systems, cameras, alarms, and security guards.

The term "security perimeter" typically refers to the boundary or boundary defenses of a network or physical area that separates it from external threats. - In question it only focus on specific physical area. So its not D The term "defense-in-depth" refers to a security strategy that employs multiple layers of security controls and mechanisms to protect systems, networks, and data from various threats. - In question it only focus on specific physical area. So its not C also. Hence It is A

The term "security perimeter" typically refers to the boundary or boundary defenses of a network or physical area that separates it from external threats. - In quetion it only focus on specific physical area. So its not D The term "defense-in-depth" refers to a security strategy that employs multiple layers of security controls and mechanisms to protect systems, networks, and data from various threats. - In quetion it only focus on specific physical area. So its not C also. Hence It is A

How can security camera and alarm be a perimeter security?

According to CISSP "The security perimeter of your system is an imaginary boundary that separates the TCB from the rest of the system" or "Any connection to your computer system is only a communication path to a system interface; They are not labeled as a security perimeter." That is, it is not necessarily related to physical controls. Also the key word is "security approach", therefore "Defense in depth" is the answer.