Network security refers to the protection of a computer network system against unauthorized access, misuse, and hacking of its directories. The most common forms of threat in any given network include viruses, hacker attacks, spyware, identity theft, zero-day attacks, data interception and theft, worms, and adware (Huang et al., 2015). No single network security package is capable of offering complete protection against every one of the threats listed above. It is thus important to use multiple layers of security for any network.
Defense in Depth (DID) refers to the use of multiple layered security measures to protect the integrity of information in any information technology system. The aim of this method of data protection is to address the possible vulnerabilities that exist in technology, personnel, and operations, across physical, technical, and procedural security, for the duration of the system’s life cycle. Defense in Depth is also sometimes referred to as Layered Security. The idea of defense in depth is to use multiple defense mechanisms deployed in layers across a network infrastructure to protect the internal data, systems, networks, and users (Straub, 2003). “With defense in depth, networks are protected by using layers of detection and protection mechanisms such as firewalls, intrusion-detection systems, antivirus software, physical security, and an informed user base” (Bingman, 2016, p. 71). Multiple layered defenses are used in the network architecture as a failsafe network design, so that if one defensive measure or layer fails, there are further back-up security layers that continue to protect the assets (Huang et al., 2015). The importance of implementing defense in depth stems from the capabilities it offers, such as:
Monitoring, alerting, and emergency response: Since the layered security architecture caters to an informed user database, deploying user authentication is the first layer of security implemented in a defense in depth strategy. This helps in monitoring network activity based on authenticated logins and forceful intrusions.
Authorized personnel activity accounting: Monitoring individual user activity enhances the level of security for the network. Most systems provide an option for user and event logging in the form of encrypted files or recordings.
Disaster recovery: In case of a security breach, an alert flag is triggered to inform the administrator of the details of the security compromise, and a fallback option is deployed that continues to arm the architecture perimeter against any further illegal penetration.
Criminal activity logging, reporting and forensics: User activity can be logged, which gives the added advantage of recording and reporting. In the event of an incident response call, these logs provide the necessary audit trail for forensic investigations and for reprimanding those responsible for the cyber-attack.
Some other concepts involved in computer network security are physical security risk, cyber threat, and countermeasure; they are discussed below.
Physical security refers to the protection of personnel, network data, hardware and software from physical actions and occurrences that are capable of causing serious damage or loss to an agency or institution. It comprises all types of protection from physical threats such as fire, natural disasters (for example, floods), burglary, vandalism and terrorism. This type of security is often overlooked compared to technical threats such as cyberespionage (Oriyano, 2014). In addition, an attack of this type can be carried out with brute force and little or no knowledge on the part of the attacker. Physical threat has three important components, which are access control, surveillance and testing.
Cyber threat refers to the possibility of a harmful attempt to damage or distort a computer network or system. It is an adversary's attempt to gain access to a system. There are many types of cyber threats. The most common cyber threats include socially engineered Trojans, unpatched software, phishing, network-travelling worms, and Advanced Persistent Threats (Taylor et al., 2014). In 2016, Bob Gourley highlighted two technology trends that drive the cyber threat landscape: the Internet of Things and the explosion of data. The most common sources of cyber threats are nation states or national governments, terrorists, industrial spies, organized crime groups, hackers and hacktivists, business competitors, and disgruntled insiders.
A countermeasure is an action taken to counter a particular threat or danger. Apart from being an action, it can also be a process, device or system used to prevent or mitigate threats to a computer, server or network, and their effects. For the scenarios given in the question, the following actions can be taken as countermeasures against the given threats.
Scenario 1: This type of threat could be considered a physical threat, as it relates to unidentified people stealing ACME’s assets. A countermeasure that could be used here is applying some type of physical constraint to the door, such as an electronic keypad lock or an employee card reader. In addition, security personnel can be employed to be physically present at the premises where ACME’s network equipment is kept. CCTV cameras should also be installed to assist the security personnel in dealing with the physical threat.
Scenario 2: This type of threat could be considered a cyber-crime or a cyber threat. ACME could use antivirus software as a countermeasure to protect itself from this type of incident (Fritsch, 2014). In addition, establishing an extensive defense in depth security measure will be necessary in order to prevent future threats.
Scenario 3: This type of threat could be considered a physical threat, as it relates to an angry employee who has done nothing so far but does have feelings of revenge towards ACME. ACME also feels some trepidation about what possible reaction the employee may have. Some countermeasures that ACME could take are physically monitoring Robert and performing audits on his work computer to ensure that he is only doing work-related business (Oriyano, 2014).
References
Gefen, D., Karahanna, E., & Straub, D. W. (2003). Trust and TAM in online shopping: An integrated model. MIS Quarterly, 27(1), 51-90.
Huang, W., Tang, W., & Beedgen, C. F. (2015). U.S. Patent No. 9,031,916. Washington, DC: U.S. Patent and Trademark Office.
Oriyano, S. (2014). Physical Security. In Cehv8: Certified Ethical Hacker Version 8 Study Guide (pp. 393-409). Indianapolis, IN, USA: Wiley.
Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. Prentice Hall Press.