Which of the following does not qualify as a component of layered protection?

Layered protection is a security strategy that involves creating multiple layers of defense to protect assets from various threats. Each component of layered protection serves a specific function in ensuring comprehensive security.

Recovery is not generally considered a direct component of layered protection. Instead, it's an essential part of incident management that comes into play after a security breach or incident has occurred. Recovery focuses on restoring systems, data, and operations following an incident, which, while important, falls outside the proactive framework of layered protection. On the other hand, detection, defense, and deterrence are all critical proactive strategies that aim to prevent incidents or identify vulnerabilities before they can be exploited.

Detection involves recognizing when a threat or unauthorized activity occurs, allowing for rapid response. Defense refers to the measures that are in place to stop or mitigate a threat once it has been identified. Deterrence aims to discourage potential attackers through visible security measures or the likelihood of consequences.

Understanding these distinctions is key to grasping the principles of security frameworks and the importance of each component in a layered protection approach.