Which term describes employing multiple security layers because assets require differing levels of protection?

Security-in-depth is the approach of using multiple protective layers to guard assets that require different levels of protection. By layering physical barriers, access controls, monitoring, policies, and response measures, you create a defense that remains effective even if one control is breached, and you tailor the strength of protection to the importance or sensitivity of each asset. This concept is ideal for situations where not all assets need the same level of protection, so you reinforce them with complementary controls across multiple domains. Redundancy focuses on duplicating components for availability, not on varying protection levels for different assets. Access control is about who can do what, not about layering defenses. Deterrence aims to discourage attackers, rather than building layered safeguards.