Which statement accurately contrasts defense in depth with a single point of failure in security architecture?

• A. Defense in depth uses multiple layered controls; single point of failure relies on one control, increasing risk.
• B. Defense in depth eliminates all risk; single point of failure always safe.
• C. Single point of failure uses multiple layers; defense in depth relies on a single control.
• D. Defense in depth reduces the cost of security by focusing on key asset.

Answer: (A)

Defense in depth relies on overlapping layers of protection across different parts of the system so that if one control fails or is bypassed, others still stand in the way. This layering creates redundancy and diversity, reducing overall risk because no single weakness determines the outcome. A single point of failure, by contrast, rests on a single control or mechanism; if that one control is compromised, the entire security objective is at risk because there’s no alternative layer to catch or mitigate the breach.

So the statement that defense in depth uses multiple layered controls while a single point of failure relies on a single control—and thus increases risk—is the best description. It captures the core difference between building resilience through multiple protections versus depending on a lone safeguard. The other ideas—eliminating all risk, defense in depth relying on a single control, or reducing cost by focusing on a key asset—do not reflect how layered defenses function or the inherent trade-offs involved.