network defense mechanisms seems like little bit complex W r i t i n g

I Need to write 3 seperate replies for each Discussion posts. and choose one question(There are 3 questions in each discussion) from each discussion and answer it. Each reply should be 75-100 words(minimum 75 words)

Please follow instructions:

The discussions in this class exist to simulate face-to-face discussions. To reach that goal, we will adhere to the 3CQ model. After posting each thread, you will post at least 3 comments on other students’ threads, and each comment must conform to the 3CQ model (Compliment, Comment, Connect, Question). This model encourages discussions that extend class learning and participation.

Here is a description of the 3CQ model:

1. Compliment – Start off positive. Compliment the person on something specific you have read or observed in the person’s blog post. For example:

• Thanks for sharing your thoughts! I really liked …

2. Comment – Comment on something relevant and meaningful about what the person wrote. Be specific! Remember your comment might not always be agreement. You can “politely” disagree. For example:

• I agree with you about …
• I respect your opinion, but I think …

3. Connect – Connect with something the person wrote (Text-to-Self, Text-to-Text, Text-to-World). Explain your connection with details giving your audience a clear idea of what you’re talking about by using sensory details. For example:

• I can connect with you about …
• I once read a story about …
• I had the same thing happen to me…

4. Question – Ask a specific question about something written or the writer. Keep the conversation going!

Remember that ALL discussions must use the 3CQ approach to interaction.

Discussion 1 Post:

Multilayered Defense

Information security involves selecting a proper strategy for defending against attacks and unauthorized access. A common approach used to protect computer systems and networks is multilayered defense. In layman’s terms, a multilayer defensive strategy will implement access controls at all levels of the network, from the perimeter down to the file system and everything in between. Implementing access controls at all levels of the network is a complete strategy as compared to a monolithic or single-layer approach. Using only a firewall to protect an entire system will inevitably result in a data breach or some other type of network intrusion. One advantage of implementing a multilayered defense is that when one control fails, another control is available to provide protection. The benefits of multilayered security also lead to its disadvantages. When controlling access at all levels of the network, the availability of the network is limited. This reduction in availability will frustrate users and can cause issues when devices such as Intrusion Detection Systems mistakingly prohibit access to those that have the proper authorization. Another problem with multilayered security is cost. To protect a network at all levels requires hardware and human resources to administer the tools and devices needed for a multilayered security strategy. These additional hardware components can also increase the attack surface of the network by creating more opportunities for hackers to gain access via an improperly hardened device. Even though an increase in cost, a decrease in usability, and the possibility of widening the network’s attack surface are possible, a multilayered security approach provides the best defense against hackers.

Questions for Week #1:

1. When a ransomware attack happens, should the victim pay the attacker? Why or why not?
2. As a network security professional, which part of the CIA triad do you think is most important?
3. When dealing with host vulnerabilities, is it more critical to identify them or remediate them?

Disussion 2 Post:

Multi layered defense is employing multiple levels of defense mechanisms to reduce attack surface. Multiple layer defense strategy also termed as defense in depth strategy & it combines multiple secure mechanisms such as access controls, network security controls, workstation defense, information protection. To reduce the attack surface, (1) Establish computer role & install operating systems for that role. By installing only necessary software’s saves memory, use less disk space, less power & resource consumption, less security patches. (2) For data protection, using TLS/SSL encryption along with https and firewalls together. Using Intrusion detection systems, web application firewalls prevent several cyber-attacks such as Denial of service, eavesdrop & man in the middle. Even though if attacker got the data with its in encrypted format. Using all these network defense mechanisms seems like little bit complex & needs investments, but it will give significant savings when coming to customer data protection. (3) Data encryption: This is another approach to secure customers data, encryption should be enforced during in transit, at rest & in use. Some organizations need to mandate data encryption due to their business rules, example HIPAA compliance.

When comparing multi layered with monolithic solution, if system has only one rigid defense mechanism and hacker finds a way to break it the whole system will be exploited. Attacker can get the data, use its resources & even removes all system logs causing huge financial loss & damages organization reputation.

Questions:

1. What are the best ways to mitigate Denial of service attacks?
2. How to prevent cross site scripting attack in web applications?
3. What are different types of encryption mechanisms?

Discussion 3 Post:

Multilayered Defense Strategy

Many environmental webs today faces some threats, and attacks against the targets of financial entities. Therefore multi-layer security helps protect the internet security of small businesses and corporations (Solomon, 2019). These attacks can only be stopped by a multi-layer creating a defense in all the applications and protocols that works in multiplicity.

Advantages of multilayered security strategy

Layered security takes up a higher defense point in the cyber, and it prevents the landscape of cyber threats. Some of its advantages include;

• Malware polymorphism are protected through the strategy
• Attacks did while someone is linking, using apps, and also attaching email are protected
• Some threats that originate from the work level are protected.
• There are stability and robustness in using it.
• There is a clear provision of interfaces and modality in using it.

Disadvantages of multilayered defense

• Duplication of functionality which leads to overhead in the data processing
• It is likely of data getting lost or being broken when the layers are many
• Various applications during operation can be sluggish due to exploitation complexity.
• Intensive applications during exploitation results in complexity

According to Solomon (2019), the use of multi-layer in small businesses and corporations has a great impact in that there is sharing in the infrastructural setup, expatriation, and strength of bandwidth by the clients using it. Therefore there is a saving in the cost of the budget, and its security is increased because of sharing. Many organizations and corporations are at risk because there are increased attack and vector threats, thus making the defense to be more complicated. Therefore these corporations are being overhauled by the in-depth of the defense leading to higher cost in the budget to migrating to a more comprehensive solution of integration.

The argument in contrasting the security of multi-layer is that more effective protection is provided only by the breed, which is the best. The strategic security comprehension should be made to perform at compatibilities, which are open and components which are also nonintegrated.

Questions

1. What are some of the reasons for security by the cloud endpoint?
2. What are some of how corporate can increase the power of analytics by the use of clouds?
3. How can someone monitor the network when using the multilayered defense strategy?

Reference

Solomon, M.G., (2019). Security strategies in windows platforms and applications. Jones & Bartlett Learning.