Ver:
·
http://en.wikipedia.org/wiki/Defence_in_depth
Estrategia de protección consistente en introducir
múltiples capas de seguridad que permitan reducir la probabilidad de compromiso
en caso de que una de las capas falle y en el peor de los casos minimizar el
impacto. [CCN-STIC-400:2006]
The practice of layering
defenses to provide added protection
Defense in depth increases
security by raising the effort needed in an attack. This strategy places
multiple barriers between an attacker and an enterprise's computing and
information resources.barriers between an attacker and an enterprise’s computing
and information resources.
ISACA, Cybersecurity
Glossary, 2014
Information security
strategy integrating people, technology, and operations capabilities to
establish variable barriers across multiple layers and missions of the
organization. [NIST-SP800-53:2013]
Information Security
strategy integrating people, technology, and operations capabilities to
establish variable barriers across multiple layers and missions of the
organization. [CNSSI_4009:2010]
A planned, systematic set of
multi-disciplinary activities that seek to identify, manage, and reduce risk of
exploitable vulnerabilities at every stage of the system, network, or
sub-component lifecycle (system, network, or product design and development;
manufacturing; packaging; assembly; system integration; distribution; operations;
maintenance; and retirement). [CNSSI_4009:2010]
(N) "The siting of
mutually supporting defense positions designed to absorb and progressively
weaken attack, prevent initial observations of the whole position by the enemy,
and [enable] the commander to maneuver the reserve." [JP1]
[RFC4949:2007]
Defense In-Depth is the
approach of using multiple layers of security to guard against failure of a
single security component.
http://www.sans.org/security-resources/glossary-of-terms/
Defense in depth is the
coordinated use of multiple security countermeasures to protect the integrity
of the information assets in an enterprise. The strategy is based on the military
principle that it is more difficult for an enemy to defeat a complex and
multi-layered defense system than to penetrate a single barrier.
http://searchsecurity.techtarget.com/