C844 Task WGU 2: WLAN & Mobile Vulnerabilities and Mitigation Strategies
C844 Task 2
WLAN Vulnerabilities
WLAN vulnerability A
The first vulnerability that I have found for Alliah has to do with the access points, specifically the Access
point that services the patio. The patio access point is in a public or semipublic area making it accessible
to individuals outside of the company. The patio access point might extend the WLAN signal beyond the
intended boundaries providing a golden opportunity for unauthorized individuals in close contact to
connect to the network. There was no mention of proper network segmentation or standard encryption
standards being used which further fuel the danger of having this access point transmitted to a public
area. With the patio being a place where employees can also use their own devices this only further
increases the chances of a security event taking place.
WLAN vulnerability B
The second vulnerability has to do with the overall BYOD policy. The Bring your own device policy at
Alliah has no standard rules. Anyone can bring any device and use it to work. While this policy provides
flexibility, it introduces a plethora of vulnerabilities. Employees personal devices may not have the same
level of security controls as company-owned devices. Employees can install any application at they can
also have outdated operating systems or lack of proper security configurations. The risks associated
with having employee BYOD devices be used for work without proper vetting can lead to massive
security incidents due to potential malware and vulnerabilities their systems can bring in. Also due to
the unpredictability of what employees are doing on their devices, the BYOD policy has a huge ever-
changing vulnerability.
Mobile Vulnerabilities
Vulnerability for Mobile devices A
In the report it is mentioned that there are 5 employees who travel 80% of the time. In the report there
is no mention of how these employees ensure that they are safeguarding company information when
the data is in motion. The devices they are using are exposed to various networks and environments
making them especially vulnerable to potential security threats. For instance, if an employee connects
to an unsecured public Wi-Fi network without using a tool like a VPN to protect the information it can
lead to information transmitted over network to be intercepted. This interception can lead to business
secrets being stolen or being used for potential extortion.
Page 1|5
, C844 Task WGU 2: WLAN & Mobile Vulnerabilities and Mitigation Strategies
Second vulnerability for Mobile devices
With Alliah’s 5 employees traveling 80% of the time with 3 devices each there was no mention of any
standards being used to secure those devices in the event they are lost or stolen. With the devices being
exposed to new environments most of the time this makes them prime targets for unauthorized access
of theft. These devices being lost or stolen can lead to business data being stolen or it can also lead to
data breaches in the company. The lack of any encryption requirements or a central management
system means that the data on these devices can fall into the wrong hands or be lost. Another huge risk
is that if these devices fall into the wrong hands with no protection, they can be used for phishing and
impersonation attacks as well leading to potential financial losses.
Mitigation
First Mitigation for WLAN
There are a few steps we can take to mitigate the risk with our patio access point. One would be
network segmentation we would isolate the patio network from the internal corporate network. This
would be achieved using the existing firewalls and using the managed switch to set up VLAN’s
restricting communication between the patio area and more sensitive parts of the network. Another
mitigation would be to ensure encryption standards are being used. We would use WPA2 or WPA3 to
secure wireless communication and protect against unauthorized access and data interception. Finally,
we would monitor the patio connection and implement intrusion detection. We would implement
monitoring tools and intrusion detection systems such as snort to view network traffic and ensure no
malicious traffic is being transmitted into the patio network. This proactive approach will help identify
security incidents before they escalate.
Second Mitigation WLAN
There are various ways we can mitigate the risks associated with the BYOD policy. One of these
mitigations would be a comprehensive BYOD policy. This policy would outline acceptable use, security
requirements, and consequences for noncompliance. Another tool we can use would be user training
and awareness. Conducting regular training sessions to educate employees on the security risks
associated with BYOD and the importance of keeping devices updated with strong passwords and the
avoidance of risky behaviors. Another action we can take is to perform regular security audits on
devices connected through the BYOD policy. This would include periodic checks of device
configurations, security settings, and compliance with company policies.
First Mitigation for Mobile devices
With the employees traveling much of their time it is crucial we mitigate the risks found in the report.
One of these mitigations would be the mandatory use of a Virtual Private Network (VPN) for remote
employees. The VPN would encrypt data that is being transmitted between the employee’s device and
Page 2|5
C844 Task 2
WLAN Vulnerabilities
WLAN vulnerability A
The first vulnerability that I have found for Alliah has to do with the access points, specifically the Access
point that services the patio. The patio access point is in a public or semipublic area making it accessible
to individuals outside of the company. The patio access point might extend the WLAN signal beyond the
intended boundaries providing a golden opportunity for unauthorized individuals in close contact to
connect to the network. There was no mention of proper network segmentation or standard encryption
standards being used which further fuel the danger of having this access point transmitted to a public
area. With the patio being a place where employees can also use their own devices this only further
increases the chances of a security event taking place.
WLAN vulnerability B
The second vulnerability has to do with the overall BYOD policy. The Bring your own device policy at
Alliah has no standard rules. Anyone can bring any device and use it to work. While this policy provides
flexibility, it introduces a plethora of vulnerabilities. Employees personal devices may not have the same
level of security controls as company-owned devices. Employees can install any application at they can
also have outdated operating systems or lack of proper security configurations. The risks associated
with having employee BYOD devices be used for work without proper vetting can lead to massive
security incidents due to potential malware and vulnerabilities their systems can bring in. Also due to
the unpredictability of what employees are doing on their devices, the BYOD policy has a huge ever-
changing vulnerability.
Mobile Vulnerabilities
Vulnerability for Mobile devices A
In the report it is mentioned that there are 5 employees who travel 80% of the time. In the report there
is no mention of how these employees ensure that they are safeguarding company information when
the data is in motion. The devices they are using are exposed to various networks and environments
making them especially vulnerable to potential security threats. For instance, if an employee connects
to an unsecured public Wi-Fi network without using a tool like a VPN to protect the information it can
lead to information transmitted over network to be intercepted. This interception can lead to business
secrets being stolen or being used for potential extortion.
Page 1|5
, C844 Task WGU 2: WLAN & Mobile Vulnerabilities and Mitigation Strategies
Second vulnerability for Mobile devices
With Alliah’s 5 employees traveling 80% of the time with 3 devices each there was no mention of any
standards being used to secure those devices in the event they are lost or stolen. With the devices being
exposed to new environments most of the time this makes them prime targets for unauthorized access
of theft. These devices being lost or stolen can lead to business data being stolen or it can also lead to
data breaches in the company. The lack of any encryption requirements or a central management
system means that the data on these devices can fall into the wrong hands or be lost. Another huge risk
is that if these devices fall into the wrong hands with no protection, they can be used for phishing and
impersonation attacks as well leading to potential financial losses.
Mitigation
First Mitigation for WLAN
There are a few steps we can take to mitigate the risk with our patio access point. One would be
network segmentation we would isolate the patio network from the internal corporate network. This
would be achieved using the existing firewalls and using the managed switch to set up VLAN’s
restricting communication between the patio area and more sensitive parts of the network. Another
mitigation would be to ensure encryption standards are being used. We would use WPA2 or WPA3 to
secure wireless communication and protect against unauthorized access and data interception. Finally,
we would monitor the patio connection and implement intrusion detection. We would implement
monitoring tools and intrusion detection systems such as snort to view network traffic and ensure no
malicious traffic is being transmitted into the patio network. This proactive approach will help identify
security incidents before they escalate.
Second Mitigation WLAN
There are various ways we can mitigate the risks associated with the BYOD policy. One of these
mitigations would be a comprehensive BYOD policy. This policy would outline acceptable use, security
requirements, and consequences for noncompliance. Another tool we can use would be user training
and awareness. Conducting regular training sessions to educate employees on the security risks
associated with BYOD and the importance of keeping devices updated with strong passwords and the
avoidance of risky behaviors. Another action we can take is to perform regular security audits on
devices connected through the BYOD policy. This would include periodic checks of device
configurations, security settings, and compliance with company policies.
First Mitigation for Mobile devices
With the employees traveling much of their time it is crucial we mitigate the risks found in the report.
One of these mitigations would be the mandatory use of a Virtual Private Network (VPN) for remote
employees. The VPN would encrypt data that is being transmitted between the employee’s device and
Page 2|5
