What principle of information security states that an organisation should implement overlapping security controls whenever possible?
A. Least privilege
B. Separation of duties
C. Defence in depth
D. Security through obscurity
Scroll down for answer
Defence in depth states that organisations should have overlapping security controls designed to meet the same security objectives whenever possible. This approach provides security in the event of a single control failure.
Also see: (ISC)2 SSCP (2019) Question of the Day