Layered Security comprises which of the following controls?

Prepare for the Information Systems and Controls (ISC) CPA Exam. Study with flashcards and multiple-choice questions, each with hints and explanations. Get ready to excel!

Layered security, also known as defense in depth, approaches security by utilizing multiple layers of controls to protect information systems. This strategy recognizes that no single control can provide complete protection; therefore, it combines various types of controls to create a more formidable barrier against potential threats.

The correct answer encompasses physical, logical, and administrative controls.

Physical controls involve tangible measures that protect the hardware and physical infrastructure. This can include locks, security guards, surveillance cameras, and environmental controls such as fire suppression systems.

Logical controls are software-based protections such as firewalls, encryption, access controls, and intrusion detection systems that safeguard data and information technology resources from unauthorized access or alterations.

Administrative controls encompass the policies, procedures, training, and regulations that dictate how security is managed within an organization. This includes user access management, security awareness programs, and incident response planning.

By employing a combination of these controls, organizations can create a robust security posture that mitigates various risks and adapts to a wide range of threats, ensuring that if one layer fails, other layers remain in place to provide protection. This synergy among different types of controls makes the structure of layered security particularly effective in tackling the complexities of modern cybersecurity challenges.
