In recent years, Business Continuity Management (BCM) has become an important issue to organizations. Within the scope of BCM, Disaster Recovery Planning (DRP) is one of the most IT-related problems, and redundancy is a frequently used approach to implement DRP. However, previous research on Redundancy Allocation Problem (RAP) focused on dealing with the problems related to reliable systems, instead of network systems that organizations rely on. Therefore, we discuss RAP in network environments. By efficient use of redundancy together with extra defense mechanisms, we attempt to ensure a network’s service continuity, and enhance its survivability against malicious attackers that utilizes accumulated experience. We construct an attack/defense scenario, in which an attacker and a defender competing against each other, and formulate it as a two-phase nonlinear integer programming problem. In the inner problem, AEA model, the attacker that utilizes accumulated experience attempts to minimize the total attack cost of compromising all core nodes in the network by choosing appropriate targets to compromise. By contrast, in the outer problem, RAP-EDM model, the defender allocates proper redundancy and extra defense mechanisms to maximize the minimized total attack cost under the consideration of a limited defense budget. We adopt a Lagrangean Relaxation-based solution approach to resolve the problem above, and further prove the efficacy of our approach by computer experiments.