Question

An important principle in information security is the concept of layers of security, which is often referred to as layered security, or defense in depth. Which of the following is not an example of a layer of security?

Answer 1

Answer:

Available options in question are

1. a firewall :  
2. a server
3. an application
4. control standard

Answer is : Control Standard. It is not an example of layer of security.

Explanation:

Defense in depth consists of three major domains like physical, technical and administrative. Layered Security will consists of best practices by combining multiple  security methods to mitigate vulnerabilities and attack vectors. It is used to protect resources at different levels.  

• A firewall is used as layered security measure to secure networks and systems.It is most commonly used security measure for enterprise products.
• A server is typical example of physical control. In this  it protects actual IT servers, high-end servers, cloud servers and any physical hardware and assets.  
• An Application can be used an example of Layer security. Applications like Antiviruses, Vulnerability Scanners, Anti Malware software and Web Application firewall gateways are typical examples

Control Standard is not an example of Layered Security.