Medium · 1 mark · Multiple Choice
CPA · Question 14 · Area II: Security
An organization uses a 'Defense in Depth' strategy. Which of the following represents a correct layering of controls from the perimeter inward?
Answer options:
A. Database Encryption -> Firewall -> MFA
B. Antivirus -> Firewall -> Biometric Access to Data Center
C. Firewall -> Intrusion Prevention System (IPS) -> Host-based Antivirus -> File Encryption
D. File Encryption -> Host-based Antivirus -> Firewall
How to approach this question
Visualize the path of an attacker from the internet to the data. What do they hit first?
Full Answer
C. Firewall -> Intrusion Prevention System (IPS) -> Host-based Antivirus -> File Encryption ✓ Correct
Defense in Depth relies on layering controls. The typical order for a remote attack is: Network Perimeter (Firewall) -> Network Internal (IPS) -> Endpoint/Host (Antivirus/OS hardening) -> Data (Encryption).
Common mistakes
Confusing the order of network vs. host vs. data controls.