-Under the concept of -defense in depth-, subsystems should be designed to:-

A. -fail insecure-

B. -fail secure-

C. -react to attack-

D. -react to failure-

E. None of the choices.

Explanation:

-With 0-defense in depth-, more than one subsystem needs to be compromised to compromise the security of the system and the information it holds. Subsystems should default to secure settings, and wherever possible should be designed to -fail secure- rather than -fail insecure-.