D482 SECURE NETWORK DESIGN TASK 1 WESTERN
GOVERNORS’ UNIVERSITY
, lOMoAR cPSD| 42147428
D482
Task 1
Company A has identified multiple network and infrastructure vulnerabilities. Identified network
security vulnerabilities include all network users have local administrative privilegesand use
only eight-character passwords. Hardware vulnerabilities are end of life equipment being
utilized as well as open port 3389.
Users having local administrative privileges is a network security issue. Allowing all users to
have this level of privilege has a moderate vulnerability risk. Company A should deploy the
concept of least privilege to mitigate the likelihood of nefarious actors accessing the company
network. “The Principle of Least Privilege (POLP) is widely recognized as a security concept that
enforces giving an identity (a person or machine identity) only the permissions that are essential
to performing its intended function. If an identity does not need the authorization, they should
not possess it. It is implemented to minimize the cloud attack surface and protect data by
mitigating the number of opportunities for exploitation via permissions.” (Shea, Tally, (2023,
November 30). What’s Least Privilege? How to Implement & Stay There. Retrieved from
https://sonraisecurity.com/blog/principle-least-privilege/ ).
The requirement that users only use eight-character passwords is another Company A
vulnerability and is considered a high likelihood risk. A recent study has found that an eight-
character password only takes approximately five minutes to crack. (Whitney, Lance, (2023,
August 7). How an 8-Character Password Could be Cracked in Just a Few Minutes. Retrieved
from https://www.techrepublic.com/article/how-an-8-character-password-could-
be-cracked-in-less-than-an-hour/ ). “Security experts keep advising us to create strong and
complex passwords to protect our online accounts and data from savvy cybercriminals. And
“complex” typically means using lowercase and uppercase characters, numbers, and even
special symbols.” (Whitney).
The fact that Company A is a global financial company puts it at a greater risk of nefarious
activity by hackers and the like. Implementing and enforcing complex passwords can reduce the
risk of identity theft and financial fraud of those entrusting Company A with their financial
information. An example of a recent financial institution hacking is what occurred at Block which
resulted in 8.2 million customers having their financial information compromised. The exposed
information was not just personal identification information but also brokerage account data
and credit card information. (Kost, Edward, (2023, August 3). 10 Biggest Data Breaches in
Finance. Retrieved from https://www.upguard.com/blog/biggest-data- breaches-
financial-services). These types of breach not only impact the customer it affectsthe company in
form of reputation, stock value (if applicable), and fine/fees.
Company A identified a hardware vulnerability of the use of end-of-life (“EOL”) equipment being
used. The use of equipment that is at or past EOL creates a high risk to the Company as it is no
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller saraciousstuvia. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £12.67. You're not tied to anything after your purchase.