Security controls can be technical, physical and administrative types. Deploying these security controls in layered fashion makes it harder for the attackers to break our security arsenals. Defense-in-depth is a security strategy in which several security layers are placed in information systems in a series arrangement. It is one of the most crucial principles of information security.
The goal of defense-in-depth is to prevent direct attacks against our information systems. We deploy endpoint security controls, firewalls, physical securities, access controls, encryption and so on controls in a layered fashion to stop intruders.
the_cyberguy Answered question 02/07/2022