WGU D482 Final Draft: Analyzing Network Security
Issues & Solutions.
D482
Chandler Rix
Task 1
A. Current Network Security and Infrastructure Problems
Company A has two critical network security problems. First, all network users have local
administrative privileges, which increases the risk of unauthorized changes or malware
installation. As noted by the National Institute of Standards and Technology (NIST), "excessive
user privileges are a common attack vector for malware and insider threats, as they allow
attackers to escalate privileges and gain control over critical systems" (Rose et al.). Second, the
use of only eight-character passwords makes accounts vulnerable to brute force attacks.
According to the PCI Security Standards Council, "weak passwords are a leading cause of
credential-based attacks, as they can be easily cracked using modern computing power"
("Official PCI Security Standards Council Site"). In terms of infrastructure, Company A is
utilizing end-of-life (EOL) equipment that no longer receives security updates or patches,
leaving the network exposed to known vulnerabilities. Additionally, open port 3389, commonly
used for Remote Desktop Protocol (RDP), exposes the network to potential exploitation. RDP is
a frequent target for attackers, as highlighted by AWS: "Open RDP ports are a common entry
point for ransomware attacks, as they provide direct access to systems without requiring
additional authentication" ("Cloud Security – Amazon Web Services (AWS)").
Company B also faces significant network security challenges. The lack of multi-factor
authentication (MFA) across all users increases the risk of unauthorized access. NIST
emphasizes that "MFA is a critical control for mitigating credential theft, as it adds an additional
layer of security beyond passwords, making it significantly harder for attackers to gain access"
(Rose et al.). Additionally, the use of rlogin passwordless login is inherently insecure and
susceptible to abuse. This outdated protocol lacks encryption and is no longer recommended for
secure environments. On the infrastructure side, Company B is using end-of-life (EOL) operating
systems, leaving the network vulnerable to unpatched exploits. Furthermore, the PostgreSQL
admin interface is reachable from the internet, exposing sensitive database management
functions to potential attackers. As noted by AWS, "exposing database admin interfaces to the
internet is a high-risk practice, as it allows attackers to directly target and compromise critical
data" ("Cloud Security – Amazon Web Services (AWS)").
B. Analysis of Network Diagram and Vulnerability Scan
Company A has two significant vulnerabilities. First, granting local administrative privileges to
all users increases the risk of malware installation or system compromise. The impact of this
, vulnerability is severe, as attackers can gain full control of systems. The risk is high, and the
likelihood is medium, as attackers often target privileged accounts. Second, open port 3389
poses a high risk of remote exploitation. The impact includes potential system compromise, and
the likelihood is high due to the prevalence of RDP exploits.
Company B also has critical vulnerabilities. The lack of MFA across all users increases the risk
of unauthorized access to sensitive systems. The impact is significant, as attackers can bypass
single-factor authentication. The risk is high, and the likelihood is medium, as credential theft is
common. Additionally, the PostgreSQL admin interface being reachable from the internet poses
a high risk of database compromise. The impact includes potential data breaches, and the
likelihood is medium, as attackers actively scan for exposed services.
C. Network Topology Diagram
The proposed merged network topology integrates cloud services, Zero Trust principles, and
hybrid infrastructure to address the vulnerabilities of both companies. Cloud integration using
Issues & Solutions.
D482
Chandler Rix
Task 1
A. Current Network Security and Infrastructure Problems
Company A has two critical network security problems. First, all network users have local
administrative privileges, which increases the risk of unauthorized changes or malware
installation. As noted by the National Institute of Standards and Technology (NIST), "excessive
user privileges are a common attack vector for malware and insider threats, as they allow
attackers to escalate privileges and gain control over critical systems" (Rose et al.). Second, the
use of only eight-character passwords makes accounts vulnerable to brute force attacks.
According to the PCI Security Standards Council, "weak passwords are a leading cause of
credential-based attacks, as they can be easily cracked using modern computing power"
("Official PCI Security Standards Council Site"). In terms of infrastructure, Company A is
utilizing end-of-life (EOL) equipment that no longer receives security updates or patches,
leaving the network exposed to known vulnerabilities. Additionally, open port 3389, commonly
used for Remote Desktop Protocol (RDP), exposes the network to potential exploitation. RDP is
a frequent target for attackers, as highlighted by AWS: "Open RDP ports are a common entry
point for ransomware attacks, as they provide direct access to systems without requiring
additional authentication" ("Cloud Security – Amazon Web Services (AWS)").
Company B also faces significant network security challenges. The lack of multi-factor
authentication (MFA) across all users increases the risk of unauthorized access. NIST
emphasizes that "MFA is a critical control for mitigating credential theft, as it adds an additional
layer of security beyond passwords, making it significantly harder for attackers to gain access"
(Rose et al.). Additionally, the use of rlogin passwordless login is inherently insecure and
susceptible to abuse. This outdated protocol lacks encryption and is no longer recommended for
secure environments. On the infrastructure side, Company B is using end-of-life (EOL) operating
systems, leaving the network vulnerable to unpatched exploits. Furthermore, the PostgreSQL
admin interface is reachable from the internet, exposing sensitive database management
functions to potential attackers. As noted by AWS, "exposing database admin interfaces to the
internet is a high-risk practice, as it allows attackers to directly target and compromise critical
data" ("Cloud Security – Amazon Web Services (AWS)").
B. Analysis of Network Diagram and Vulnerability Scan
Company A has two significant vulnerabilities. First, granting local administrative privileges to
all users increases the risk of malware installation or system compromise. The impact of this
, vulnerability is severe, as attackers can gain full control of systems. The risk is high, and the
likelihood is medium, as attackers often target privileged accounts. Second, open port 3389
poses a high risk of remote exploitation. The impact includes potential system compromise, and
the likelihood is high due to the prevalence of RDP exploits.
Company B also has critical vulnerabilities. The lack of MFA across all users increases the risk
of unauthorized access to sensitive systems. The impact is significant, as attackers can bypass
single-factor authentication. The risk is high, and the likelihood is medium, as credential theft is
common. Additionally, the PostgreSQL admin interface being reachable from the internet poses
a high risk of database compromise. The impact includes potential data breaches, and the
likelihood is medium, as attackers actively scan for exposed services.
C. Network Topology Diagram
The proposed merged network topology integrates cloud services, Zero Trust principles, and
hybrid infrastructure to address the vulnerabilities of both companies. Cloud integration using
