What best describes defense-in-depth?

Defense-in-depth means building security with multiple overlapping layers so that defeating one layer doesn’t break the whole system. Since no single control is perfect, several independent protections work together to reduce overall risk. These layers span people, processes, and technology—think access controls and strong authentication, network segmentation with firewalls, continuous monitoring, patching and configuration management, encryption, backups, physical security, and ongoing security awareness training. If one control fails, others still block or slow an attack, limiting impact. This is why layered controls reducing risk is the best description; relying on a single firewall, physical security alone, or training alone would leave gaps for attackers to exploit.