1. Defense in Depth
  1. Organizations should use multiple overlapping security controls to achieve the same control objective. This layered approach to security protects against the failure of any single security control.
  2. Examples:
    1. Example 1: Implement protections against eavesdropping (MitM) attacks
      1. Encryption
        1. HTTPS (Encrypted with TLS)
        2. VPN (Encrypted with IPsec)
      2. VLANs
        1. Limit the damage that may be caused by an eavesdropping attack.
    2. Example 2: Network Access Control
      1. 802.1X Authentication
      2. Anti-Spoofing
        1. DHCP Snooping
        2. IP Source Guard
        3. Unicast Reverse Path Forwarding (uRPF)
      3. Disable Unused Physical Ports
      4. MAC Address Filtering (Port Security)
    3. Example 3: Protect the network perimeter
      1. Hardware Firewall
      2. Router ACLs
      3. IDS/IPS
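
Added example (not part of the original notes): a Python check that reads a switch configuration and lists, for each port that is not shut down, which of the overlapping controls from Example 2 are missing. The Cisco IOS-style command strings and the sample configuration are constructed assumptions; the notes name no vendor.

```python
import re
# Constructed sample in Cisco IOS-style syntax (assumption: the notes name no vendor).
SAMPLE_CONFIG = """\
ip dhcp snooping
interface GigabitEthernet0/1
 authentication port-control auto
 switchport port-security
 ip verify source
interface GigabitEthernet0/2
 switchport port-security
interface GigabitEthernet0/3
 shutdown
interface GigabitEthernet0/4
 switchport mode access
"""

# Per-port layers from Example 2 and the line assumed to enable each one.
PORT_LAYERS = {
    "802.1X": "authentication port-control auto",
    "IP Source Guard": "ip verify source",
    "Port Security": "switchport port-security",
}

def parse_interfaces(config):
    """Return {interface name: [stripped config lines under it]}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        match = re.match(r"interface (\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # back at global scope
    return interfaces

def missing_layers(config):
    """Return {port: [absent layers]} for each port that is not shut down."""
    snooping = re.search(r"^ip dhcp snooping$", config, re.M) is not None
    report = {}
    for name, lines in parse_interfaces(config).items():
        if "shutdown" in lines:
            continue  # a disabled unused port is itself one of the listed controls
        gaps = [layer for layer, cmd in PORT_LAYERS.items() if cmd not in lines]
        if not snooping:
            gaps.append("DHCP Snooping")  # global feature, so it is missing on every port
        if gaps:
            report[name] = gaps
    return report
```

A port that appears in the report still has some protection from the layers it does carry; the report shows where a single control failure would leave nothing behind it.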