As the application of cyber-physical systems (CPSs) becomes more and more widespread, its security is becoming a focus of attention. Currently, there has been much research on the security defense of the physical layer of the CPS. However, most of the research only focuses on one of the aspects, for example, attack detection, security state estimation, or recovery control. Obviously, the effectiveness of security defense targeting only one aspect is limited. Therefore, in this paper, a set of security defense processes is proposed for the case that a CPS containing multiple sensors is subject to three kinds of stealthy attacks (i.e., zero-dynamics attack, covert attack, and replay attack). Firstly, the existing attack detection method based on improved residuals is used to detect stealthy attacks. Secondly, based on the detection results, an optimal state estimation method based on improved Kalman filtering is proposed to estimate the actual state of the system. Then, based on the optimal state, internal model control (IMC) is introduced to complete the recovery control of the system. Finally, the proposed methods are integrated to give a complete security defense process, and the simulation is verified for three kinds of stealthy attacks. The simulation results show that the proposed methods are effective.