<P> The idea behind the defense in depth approach is to defend a system against any particular attack using several independent methods . It is a layering tactic, conceived by the National Security Agency (NSA) as a comprehensive approach to information and electronic security . </P> <P> Defense in depth is originally a military strategy that seeks to delay rather than prevent the advance of an attacker by yielding space to buy time . The placement of protection mechanisms, procedures and policies is intended to increase the dependability of an IT system, where multiple layers of defense prevent espionage and direct attacks against critical systems . In terms of computer network defense, defense in depth measures should not only prevent security breaches but also buy an organization time to detect and respond to an attack and so reduce and mitigate the consequences of a breach . </P> <P> Defense in depth can be divided into three areas: Physical, Technical, and Administrative . </P> <P> Physical controls are anything that physically limits or prevents access to IT systems . Fences, guards, dogs, and CCTV systems and the like . </P>

Defense in depth strategy focus on what three areas