The effectiveness of U.S. cyber-capabilities can have a serious effect on the cyber-security stance of the US and significantly impact how well U.S. critical infrastructures are protected. The problem is that the state of the U.S. cyber-security could be negatively impacted by the dependency that the US displays in its use of defensive cyber-capabilities as part of the security measures that are employed. The purpose of this study was to explore the reasons behind US reliance on defensive-cyber capabilities as opposed to a parallel reliance on cyber-offensive capabilities. As the focus of this study was an exploratory one in which little information is known, qualitative methodology was the most appropriate to utilize. A qualitative case study was used to conduct semi-structured interviews with cyber-security professionals who work in the Washington, DC metropolitan area. The interviews were aimed at exploring the thoughts of cyber-security professionals responsible for using offensive cyber-capabilities and defensive cyber-capabilities as part of their daily job responsibilities. Nine cyber-security professionals were selected based on predefined criteria. Interviews were conducted face-to-face using WebEx or in a physical location acceptable to the participant. The data that was obtained from the interview responses was coded and analyzed using NVivo, a qualitative software analysis tool. From this analysis, 13 themed categories emerged: (a) vulnerabilities management, (b) security tools, (c) information implementation, (d) understanding technology, (e) protecting information, (f) sharing information, (g) security baseline, (h) impact, (i) challenges, (j) knowledge, (j) implementing effective security, (k) defensive and offensive capabilities, and (l) understanding defensive and offensive capabilities. The results revealed that cyber-security professionals perceive that an imbalance exists in the approach used in the employment of defensive cyber-capabilities and offensive cyber-capabilities. It was concluded that an equal balance in the development and implementation of defensive cyber-capabilities and offensive cyber-capabilities could prove beneficial to the improvement of the US cyber-security posture. Recommendations for future research include broadening the scope of the study by including cyber-security professionals located throughout the US and by investigating and examining hacker behaviors. [The dissertation citations contained here are published with the permission of ProQuest LLC. Further reproduction is prohibited without permission. Copies of dissertations may be obtained by Telephone (800) 1-800-521-0600. Web page: http://www.proquest.com/en-US/products/dissertations/individuals.shtml.]