NETWORK DEFENSE STRATEGIES 1

Network Defense Strategies

Capella University

IAS5025 - Network and Operating System

Feb 21, 2019


Abstract
Cyberspace is the result of the advancement of technology, Internet of Things connectivity, and the global internet connection of various network system devices and technologies. This advancement has made people dependent on cyberspace for innovation, business communication and processes, increased productivity in industrial mass production, better confidentiality of business information and processes, customer satisfaction, and the securing of needs and sensitive information present in cyberspace.

This paper discusses the vectors useful in improving the network system security of an organization and protecting it from internal and external attacks and risk. It further examines the organization's network system security resources, and the security controls, defensive processes, and tools for securing the various network system parameters and for early threat detection. The paper will review a “proactive way of dealing risk from malicious insider attacks by cyber-defense tools” (Capella, 2019 para 21).

Keywords: malicious insider attacks, cyber-defense tools, threat detection, network system parameter, security controls defensive processes, internal and external attacks.

Table of Contents

• Cover Page

• Abstract

• Table of Contents

• Introduction/Body

• Conclusion

• References

[Image: Unit 7 Virtual Lab 1]

[Image: Unit 07 Toolwire Lab 3, beginning]

[Image: Unit 7 Virtual Lab 1, ending]

[Image: Beginning]

[Image: Ending]

Introduction

Cyber-defense comprises the processes and methodologies of security controls for the organization's network system, which identify, reduce, and eliminate any cyber-attack threats and vulnerabilities that put that network system at risk. Cyber-defense is the information security governance in place at the organization for the protection of information assets. Because this governance must be able to protect the organization's network system against any form of threat, employees of the organization need working knowledge and skills in network system defense and controls, drawn from specialties in network system control processes, best practices of network system security management, and the network system security “do's and don'ts”.

The main concept of the organization's cyberspace defense, which sustains network system security services and the organizational objectives and duties of management, is that every member of the business understands that defending the business's information assets is mandatory. It defines the necessary business investment in network system security controls and policies that protect every aspect of the organization's information assets. Periodic network system surveillance and risk assessment feed into the development of cyber-defense strategies that are proactive and that reflect an understanding of the organization's investment in technologies and procedures, going far beyond traditional passive network system defense, as Cole (2013) states. This cyber-defense combines people, processes, and products in defining network system defense at each network layer. It contains processes and methodologies for personal defense, physical defense, user account and password administration, confidentiality of sensitive data, disaster recovery and business continuity planning, organizational security awareness and education, and compliance/audit. These address potential threats to network system services from natural vulnerabilities, human factors, and the environment, whatever the source: insiders (employees, shareholders, contractors, whether temporary or subcontractors), former employees, and any unauthorized users (Cole, 2013, p 4-8).

The cyber-defense methodology identifies organizational control: the board and management make cyber-defense their duty, and there is continuous risk assessment and administration, with reviews and process evaluation. Organization network system protection and security controls cover access control, network encryption, malicious code prevention, BYOD security, wireless access security, database protection, network segmentation, perimeter defense and DMZ, business process and industrial process controls, HR and employee education, and change management. Intrusions are detected through documentation, network system monitoring, and proactive network system security management. Threats are responded to through event management and business recovery (Cole, 2013, p 11-17).

In dealing with malicious insider threats, the organization's network managers must plan and collect information from past events within the network by documenting them, carrying out a total inventory review of all existing security controls, and seeking to find the applications used by the malicious insider. We also review and examine the existing HR processes, existing network management policies, and user behavior analytics methods and processes, and further review organizational communication, employee training, and contractor screening and consequences. Finally, outline a strategic procedure for defining user behavioral analytics, and further examine the relationships leading to any policies and processes in the organization. Formulate a procedures implementation map and the resources needed. Plan the corporate communication and employee education design for all employees, and awareness for affected employees (Ted, 2005, p 7-15).

Early detection of network system security attacks starts with accounting for all user permissions or access and for network system device access control, through active monitoring and audits of applications and operating systems for vulnerabilities such as injection of malicious code into root programming or reverse engineering. It also involves evidence collection and documentation from security incident alerts raised by continuous network system precursor and indicator tools and devices, all of which should meet all applicable regulatory requirements and laws. The documentation should be well preserved and account for all previous and present security incidents, with the chain of custody detailed and validated by signatures. The documentation should contain the time, date, identification data of the devices used for an incident, the storage location of the evidence, and personal information of the network administrator who collected the evidence. Ted (2005) states further that from this documentation you can also identify the attacker host again if it causes a security incident. Sandboxing procedures for an attacker who constantly keeps intruding into the network system also allow further examination of alerts from precursors and indicators for the various types of security incidents.
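The custody documentation described above, as an added example that is not part of the original paper: each entry records the fields the paragraph lists, is chained to the previous entry, and is validated on verification. The field names, custodian names and demo keys are constructed, and a per-custodian HMAC stands in for the signature as an assumption; a real deployment would use proper digital signatures.

```python
import hashlib
import hmac
import json

# Constructed demo keys: in practice each custodian holds their own signing key.
CUSTODIAN_KEYS = {"admin.jdoe": b"demo-key-jdoe", "analyst.asmith": b"demo-key-asmith"}


def _digest(entry: dict, key: bytes) -> str:
    """HMAC-SHA256 over the canonical JSON of every field except the signature."""
    body = {k: v for k, v in entry.items() if k != "signature"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def add_entry(log, evidence: bytes, timestamp, device_id, storage, collector, action):
    """Append a signed custody entry that is chained to the previous entry."""
    entry = {
        "timestamp": timestamp,        # time and date of the action
        "device_id": device_id,        # device involved in the incident
        "storage_location": storage,   # where the evidence is kept
        "collector": collector,        # who handled the evidence
        "action": action,
        "evidence_sha256": hashlib.sha256(evidence).hexdigest(),
        "prev_signature": log[-1]["signature"] if log else "",
    }
    entry["signature"] = _digest(entry, CUSTODIAN_KEYS[collector])
    log.append(entry)
    return entry


def verify_log(log, evidence: bytes):
    """Return a list of problems; an empty list means the chain is intact."""
    problems = []
    expected_hash = hashlib.sha256(evidence).hexdigest()
    prev = ""
    for i, entry in enumerate(log):
        key = CUSTODIAN_KEYS.get(entry["collector"])
        if key is None or not hmac.compare_digest(_digest(entry, key), entry["signature"]):
            problems.append(f"entry {i}: bad signature")
        if entry["prev_signature"] != prev:
            problems.append(f"entry {i}: chain broken")
        if entry["evidence_sha256"] != expected_hash:
            problems.append(f"entry {i}: evidence hash mismatch")
        prev = entry["signature"]
    return problems
```

Editing any recorded field after the fact, or presenting evidence whose hash differs from the one recorded at collection, makes `verify_log` report the affected entry.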

ACSC (2017) also states that the organization's information assets should be mapped to find the gaps in the network system defense, for protection against external and internal malicious attackers, against threats to privacy such as eavesdropping, and against threats to data integrity from an insider or outsider attacker who manipulates or modifies network system traffic packets and data. A malicious insider is defined by motives of financial gain, revenge, coercion, theft, and making a political statement. We can mitigate them by blocking spoofed email, a malware prevention strategy, and social engineering awareness for employees.


References

Capella University, 2019, Course room, unit 7, network defense strategies, Date Retrieved 02/22/2019, https://courserooma.capella.edu/webapps/blackboard/content/listContent.jsp?course_id=_162482_1&content_id=_7268977_1&mode=reset

Cole, E. (2013). Network Security Essentials. Date Retrieved 02/22/2019, http://www.sans.edu/research/security-laboratory/article/401-tnetwork-types#otherlinks

Ted Franger, (2005) SANS, Secure Perimeter Network Design for GIAC Enterprises, Date Retrieved 02/19/2019, https://www.sans.org/reading-room/whitepapers/infosec/secure-perimeter-network-design-giac-enterprises-1622

CISCO, (2018), SAFE, Places in the Network: Secure Internet Edge, Date Retrieved 02/17/2019, https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/safe-architecture-guide-pin-secure-internet-edge.pdf

Cole, E. (2013). Network Security Essentials. Date Retrieved 02/19/2019, http://www.sans.edu/research/security-laboratory/article/401-tnetwork-types#otherlinks

ACSC, 2017, Strategies to Mitigate Cyber Security Incidents – Mitigation Details, Date Retrieved 02/17/2019, https://acsc.gov.au/infosec/top-mitigations/mitigations-2017-details.htm
