WGU D482 Full Paper Updated 2024/2025 with complete solution
A. Describe two current network security problems and two current infrastructure problems for each
company, based on business requirements given in the scenario.
Company A
Mergers are always tricky to incorporate from a security perspective. Company A’s network diagram shows a couple of security problems with its design. The first thing I saw from a network security standpoint was an RDP connection allowed inbound from the internet to the internal network. This is a very bad design and is one of the most common reasons companies get infected with ransomware and other malware. The second network security issue is that all of the servers have outbound connections to the internet. This is not needed in every instance and can cause serious issues if those servers are also exposing a service to the internet.
After looking through Company A’s network diagram, there are a couple of infrastructure design issues with the current setup. The first problem I see is that the firewall, which has a web server exposed to the internet, sits behind a router. This should be a perimeter firewall, in which case it would be at the edge of the network. The current placement could cause security issues, as it effectively exposes an internal firewall that is connected to the internal network switches while also serving web access to the internet. Related to that issue is where the switches connect to the firewall. This is not a good design; the switches should uplink to the router, and the router should then connect to the firewall. The second issue I saw has to do with how the bottom access switches are connected. Daisy-chaining network switches is also bad design and can lead to security issues. A further problem with daisy-chaining switches is that the second switch is isolated from the network if the upstream switch stops working or has some other issue.
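The isolation risk of daisy-chained access switches can be checked mechanically: model the diagram as a graph and find the devices whose failure cuts other devices off. The following Python is an added example, not part of the original paper, and the two topologies in it (a daisy-chained access layer and a star layout where each access switch uplinks to the core directly) are constructed for illustration rather than taken from Company A’s actual diagram.

```python
"""Find single points of failure in a switch topology (added example).

Devices are nodes, cables are undirected edges. A device whose removal
disconnects other devices is an articulation point (cut vertex): if it
fails, everything "behind" it is isolated. That is the risk of hanging
one access switch off another instead of uplinking each one directly.
The topologies below are constructed for illustration only.
"""
from collections import defaultdict


def _build(edges, skip=None):
    graph = defaultdict(set)
    for a, b in edges:
        if skip in (a, b):
            continue
        graph[a].add(b)
        graph[b].add(a)
    return graph


def articulation_points(edges):
    """Return the set of devices whose failure splits the network
    (Tarjan's lowlink algorithm over a DFS tree)."""
    graph = _build(edges)
    disc, low, parent = {}, {}, {}
    points = set()
    timer = [0]

    def dfs(u):
        disc[u] = low[u] = timer[0]
        timer[0] += 1
        children = 0
        for v in graph[u]:
            if v not in disc:
                parent[v] = u
                children += 1
                dfs(v)
                low[u] = min(low[u], low[v])
                # u separates v's subtree from the rest of the network if
                # nothing in that subtree has a back edge reaching above u
                if u in parent and low[v] >= disc[u]:
                    points.add(u)
            elif v != parent.get(u):
                low[u] = min(low[u], disc[v])
        # the DFS root is a cut vertex only if it has two or more children
        if u not in parent and children > 1:
            points.add(u)

    for node in list(graph):
        if node not in disc:
            dfs(node)
    return points


def isolated_if_fails(edges, failed, root="router"):
    """Return the devices that lose their path to the router when
    'failed' goes down (simple reachability without that node)."""
    graph = _build(edges, skip=failed)
    nodes = {n for edge in edges for n in edge} - {failed}
    seen, stack = set(), [root]
    while stack:
        n = stack.pop()
        if n in seen:
            continue
        seen.add(n)
        stack.extend(graph[n])
    return nodes - seen


# Constructed: access2 hangs off access1 (daisy chain)
DAISY = [("router", "firewall"), ("firewall", "core"),
         ("core", "access1"), ("access1", "access2")]
# Constructed: each access switch uplinks to the core directly
STAR = [("router", "firewall"), ("firewall", "core"),
        ("core", "access1"), ("core", "access2")]

if __name__ == "__main__":
    for name, topo in (("daisy-chained", DAISY), ("star", STAR)):
        print(f"{name}: single points of failure = {sorted(articulation_points(topo))}")
        print(f"{name}: devices isolated if access1 fails = "
              f"{sorted(isolated_if_fails(topo, 'access1'))}")
```

In the daisy-chained layout access1 shows up as a cut vertex and access2 is stranded when it fails; in the star layout only the firewall and core remain single points of failure, which is the expected result for a single-uplink design.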
Company B
Company B’s network diagram includes network services that are allowed through the firewall. The first security concern deals with the open ports. Company B’s network has telnet, port 23, open and allowed through. Since telnet is an insecure protocol that transports credentials in clear text, it should not be used. The second security concern deals with HTTP, port 80, which is also open. The use of HTTP means that there is no encryption from the client to the server. This should not be used, and the company should use HTTPS instead.
The first infrastructure issue I see for Company B is that the Wi-Fi and printers appear to be connected through a shared segment, even though the other connections have separate ports. Instead, the Wi-Fi APs and the printers should each have their own physical ports. The same applies between the firewalls and the ISP routers: the ISP router should be dual-homed, with one cable going to each firewall. The second infrastructure issue has to do with how the servers are set up. Every other segment of the network has a VLAN number and network assigned to it, which could indicate that the servers are on the default VLAN. That would be a security issue, as the best practice is to not use the default VLAN for anything.
B. Analyze the given network diagram and vulnerability scan for both companies by doing
the following:
1. Describe two existing vulnerabilities for each company.
According to the risk analysis of Company A, there are six vulnerabilities, described in order of likelihood. The two with the highest likelihood are open ports and the password policy. The open ports outlined are ports 21-90 and 3389. Of those, 3389 is one of the most impactful because, as mentioned above, RDP is one of the most used attack vectors for ransomware. The second vulnerability deals with the company’s password policy, which shows that users are allowed a less secure password length. Length should not be the only criterion for passwords, and the length requirement should be 15 characters.
According to the risk analysis of Company B, there are 20 vulnerabilities listed. Several critical vulnerabilities came up for Company B; the two that stood out were that the PostgreSQL admin interface is reachable from the internet and the Ruby on Rails remote code execution (RCE). The PostgreSQL vulnerability allows anyone on the internet to log in to the server as admin. This is very bad, as it would let an attacker do all sorts of damage once on the system. Internet access to it should be disabled, with login available only from the local network. The second vulnerability is also severe because it allows an attacker to remotely execute code on the machine. This would let an attacker run malicious code and could easily lead to access to other parts of the network. This vulnerability should be mitigated.
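The exposures called out for both companies (internet-facing RDP on 3389, telnet on 23 and HTTP on 80 allowed through, a database admin port reachable from any source, and servers with unrestricted outbound access) are the kind of thing a rule-base audit can catch before a scan does. The following Python is an added example, not part of the original paper or of either company’s configuration; the rule list, the hypothetical 10.10.0.0/16 internal range and the rule dictionary format are constructed for illustration.

```python
"""Audit a firewall rule set for internet-exposed services and
unrestricted server egress (added example, constructed data).

Each rule is a dict with: id, action, direction, src, dst, proto, port, zone.
"""
import ipaddress

# Services that should never be reachable from the internet, with the
# control a defender would put in place instead.
RISKY_INBOUND = {
    3389: ("RDP", "remove the internet-facing rule; require VPN with MFA for remote desktop"),
    23:   ("Telnet", "disable telnet; use SSH"),
    80:   ("HTTP", "redirect to HTTPS (tcp/443) and serve TLS only"),
    5432: ("PostgreSQL", "allow admin access only from the internal network"),
}
CRITICAL_PORTS = {3389, 5432}  # direct admin/remote-access exposure

# Private ranges treated as "internal" (RFC 1918); anything else is internet
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internet(src):
    """True when a source spec is 'any' or a non-private range."""
    if src == "any":
        return True
    net = ipaddress.ip_network(src, strict=False)
    return not any(net.subnet_of(internal) for internal in INTERNAL)


def audit(rules):
    """Return a list of (rule_id, severity, finding, recommendation)."""
    findings = []
    for r in rules:
        if r["action"] != "allow":
            continue
        if (r["direction"] == "inbound" and r["port"] in RISKY_INBOUND
                and is_internet(r["src"])):
            name, fix = RISKY_INBOUND[r["port"]]
            sev = "critical" if r["port"] in CRITICAL_PORTS else "high"
            findings.append((r["id"], sev,
                             f"{name} (tcp/{r['port']}) allowed from the internet", fix))
        if (r["direction"] == "outbound" and r["dst"] == "any"
                and r["port"] == "any" and r.get("zone") == "servers"):
            findings.append((r["id"], "medium",
                             "server segment has unrestricted egress",
                             "allow only the destinations and ports the servers "
                             "need (updates, DNS, NTP); deny the rest"))
    return findings


# Constructed rule base mirroring the findings in the paper
RULES = [
    {"id": 1, "action": "allow", "direction": "inbound", "src": "any",
     "dst": "10.10.1.5", "proto": "tcp", "port": 3389, "zone": "servers"},
    {"id": 2, "action": "allow", "direction": "inbound", "src": "any",
     "dst": "10.10.2.20", "proto": "tcp", "port": 23, "zone": "servers"},
    {"id": 3, "action": "allow", "direction": "inbound", "src": "any",
     "dst": "10.10.2.20", "proto": "tcp", "port": 80, "zone": "servers"},
    {"id": 4, "action": "allow", "direction": "inbound", "src": "any",
     "dst": "10.10.3.7", "proto": "tcp", "port": 5432, "zone": "servers"},
    # internal-only database access: not flagged
    {"id": 5, "action": "allow", "direction": "inbound", "src": "10.10.0.0/16",
     "dst": "10.10.3.7", "proto": "tcp", "port": 5432, "zone": "servers"},
    {"id": 6, "action": "allow", "direction": "outbound", "src": "10.10.0.0/16",
     "dst": "any", "proto": "any", "port": "any", "zone": "servers"},
    # HTTPS on the public web server is expected: not flagged
    {"id": 7, "action": "allow", "direction": "inbound", "src": "any",
     "dst": "10.10.2.20", "proto": "tcp", "port": 443, "zone": "dmz"},
]

if __name__ == "__main__":
    for rule_id, sev, what, fix in audit(RULES):
        print(f"rule {rule_id}: [{sev}] {what} -> {fix}")
```

Rule 5 is the corrected form of rule 4 (the same database port, but restricted to the internal range) and passes the audit, which is the change the paper recommends for the PostgreSQL exposure.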
2. Explain the impact, risk, and likelihood associated with each described vulnerability
from part B1 as it relates to each company.
For Company A’s first vulnerability, the impact of exposing RDP to the internet is very high. It would allow an attacker to gain access to an internal device on the network and, from there, to other areas of the network. The risk level of this vulnerability is high, meaning that it could have a serious impact on confidentiality, availability, and integrity. With both the risk level and the impact high, the likelihood of this being exploited is also high, meaning it is likely that an attacker would compromise the system. The second vulnerability has to do with the company’s password hygiene. The company is allowing users to have 8-character passwords, which is not best practice and can lead to easily crackable passwords. The impact of this vulnerability is high because the shorter the password, the easier it is for an attacker to brute-force it or use other methods to gain access. The risk is high because the impact and likelihood are both high.
For Company B’s first vulnerability, the PostgreSQL admin console being reachable over the internet has a high impact, as it exposes a critical server to the internet and can lead to an attacker gaining access to other internal resources. Because of this, the likelihood of an attacker gaining access is high, resulting in a high risk. The second vulnerability, the Ruby on Rails RCE, has a high impact on the internal network because it allows an attacker to remotely execute code on the machine. With the vulnerability rated critical, the likelihood of an attacker exploiting it is high, and thus the risk is high.
C. Create a network topology diagram with details of the proposed merged network
requirements.