Defence in Depth

The Principle of Defence in Depth involves using multiple layers of security controls to protect systems and data, ensuring that if one layer fails, others remain in place to provide protection.

The main function of encryption is to convert plaintext into unreadable ciphertext, ensuring that sensitive information remains secure and inaccessible to unauthorized users.

In asymmetric encryption, the private key is used for decryption. The public key encrypts the data, while only the corresponding private key can decrypt it, ensuring secure communication.

AES (Advanced Encryption Standard) is a symmetric encryption algorithm, meaning it uses the same key for both encryption and decryption. In contrast, RSA and ECC are asymmetric, and Diffie-Hellman is a key exchange method.

TLS primarily protects data during transmission by encrypting it, ensuring that sensitive information remains secure as it travels across networks. This is crucial for preventing eavesdropping and tampering.

The GDPR (General Data Protection Regulation) is the key regulation in the EU that protects personal data and privacy. It sets strict guidelines for data collection and processing, making it the correct choice.

Encryption is a security measure used to protect data, not a threat. In contrast, malware, phishing, and insider threats are common network security threats that can compromise systems and data.

A DDoS attack typically involves multiple compromised systems, known as a botnet, to overwhelm a target with traffic. This makes option C the correct choice, as a single system or other options do not represent the nature of DDoS attacks.

A firewall acts as a barrier between trusted and untrusted networks by monitoring and controlling incoming and outgoing traffic based on security rules, making it the correct choice for this question.

The primary difference is that authentication verifies a user's identity, while authorization determines what resources a user can access. Thus, the correct choice is: Authentication verifies identity, authorization grants access.