Provide (2) 150 words substantive response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.
1. Reduce the attack surface with what hardening steps and network security management best practices;
According to hysolate.com, the best method for securing the enterprise network from hackers are; automatically applying OS updates, service packs, and patches, removing or disabling non-essential software, drivers, services, file sharing, and functionality, which can act as back doors to the system, requiring all users to implement strong passwords and change them regularly, logging all activity, errors, and warnings, restricting unauthorized access and implementing privileged user controls.
2. Ensure secure authentication, authorization, and accounting;
To ensure the authentication, authorization, and accountability in securing the network is having a card reader for each computer station as the government has. Having an access card to log in to your workstation is the best way to avoid intrusion into the system. Obviously, personnel must report for loss and misplace an access card. Having access cards allows the company to have accountability on people using the network. The company must also update personnel access when someone retires or let go. He or she could have a vendetta towards the company. Most of the attacks on companies are always an inside-job.
3. Prevent or respond to intrusions.
Companies must invest in training, awareness, and updating software to prevent and respond to an attack. And they must have the latest firewall and virtual private network for potential threats from outsiders and infiltrators. They must emphasize regulations and guidelines when using an outside source. Another way to avoid any disaster is managing a backup data server that is isolated by the network, and that is updated every day before shutting down.
After reviewing the seven domains of the typical IT infrastructure, the first step in securing our organization’s enterprise network is to ensure that all our employees are properly trained annually and consistently equipped with cyber security awareness and information to counter the cyber crimes. We can ensure the authentication and accountability of all employees by their unique identification cards that have a special chip installed which will allow employees only to login and access the organization’s network to prevent any unauthorized access.
The second step to network security implementation is the accountability and verification of all hardware and operating systems to ensure all workstations are up to date with the current updates and security patches. This is to ensure the old and outdated hardware and software are identified as potential risks that can be reduced by replacing the old with a newer equipment or updating the outdated with the latest version. The next step is to authenticate the Local Area and the Wide Area Network by providing a strong local and wide area encryption and updating the firewalls to protect against intrusion and cyber threat attacks. Managing all the equipment such as routers, switches, access points, and firewalls while monitoring the Internet and user access are all good cyber security management which will protect the network from vulnerabilities and avoid any security holes.
Finally, the best practice to network security implementation, reduce the surface vulnerabilities, and respond to cyber threats is the “defense in depth.” Defense in depth is basically securing all possible domains of the organization’s network through multiple security controls in order to eliminate any single point failure. With the correct hardening steps and a strong defense in depth strategy, we will then be able to implement the best possible defense to reduce the attack surface and prevent any unwanted intrusions.