Good security is built on which of the following concept?
A.
 The concept of a pass-through device that only allows certain traffic in and out.
B.
 The concept of defense in depth.
C.
 The concept of preventative controls.
D.
 The concept of defensive controls.
Explanation:
Defense-in-depth is the coordinated use of multiple security controls in a layered approach. A multilayered
defense system minimizes the probability of successful penetration and compromise because an attacker
would have to get through several different types of protection mechanisms before she gained access to the
critical assets.
Incorrect Answers:
A: Pass-through devices are not the central concept in building good security.
C: Preventative controls are not the central concept in building good security.
D: Defensive Controls is not the central concept in building good security.Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 28