Summary

In this chapter, you learned the different steps involved in predicting threats to your network. The motivation for an attack can range from curiosity to espionage. We showed you how to predict attacks that may be initiated from within your organization or from outside of it. You learned that threat modeling can greatly increase your ability to make appropriate decisions when doling out resources. Categorizing the threats that your organization faces as well as estimating the impact can better prepare you and your team to respond to an incident.

We later showed you that the creation of an incident response procedure can minimize mistakes and allow you to properly respond. Creating organizationally specific severity levels to qualify the attack and its impact further prepares the team with predefined processes to follow when an attack occurs.

After an incident occurs, you will need to take great care to make sure that the appropriate steps are taken. Failure to follow the predetermined plan can lead to mistakes and lost evidence.

Finally, you saw the different techniques that can be employed in order to secure your internal network. You can use a bastion host, a three-pronged configuration, or a back-to-back configuration to better secure your network and still allow some degree of access to services from the public network.