Which type of security control is defense in depth?
A. threat mitigation
B. risk analysis
C. botnet mitigation
D. overt and covert channels
Explanation/Reference:
Explanation:
http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/SAFE_RG/chap1.html SAFE Design Blueprint
The Cisco SAFE uses the infrastructure-wide intelligence and collaboration capabilities provided by Cisco products to control and mitigate well-known and zero-day attacks. Under the Cisco SAFE design blueprints, intrusion protection systems, firewalls, network admission control, endpoint protection software, and monitoring and analysis systems work together to identify and dynamically respond to attacks. As part of threat control and containment, the designs have the ability to identify the source of a threat, visualize its attack path, and to suggest, and even dynamically enforce, response actions. Possible response actions include the isolation of compromised systems, rate limiting, packet filtering, and more.
Control is improved through the actions of harden, isolate, and enforce. Following are some of the
Get Latest & Actual 640-554 Exam’s Question and Answers from Passleader.
http://www.passleader.com
objectives of the Cisco SAFE design blueprints
Adaptive response to real-time threats–Source threats are dynamically identified and may be blocked in realtime.
Consistent policy enforcement coverage–Mitigation and containment actions may be enforced at different places in the network for defense in-depth.
Minimize effects of attack–Response actions may be dynamically triggered as soon as an attack is detected, minimizing damage.
Common policy and security management–A common policy and security management platform simplifies control and administration, and reduces operational expense.
