WGU C769 Capstone Task 3: Identity Access & Endpoint Security in Unsecured Environments
Implementing Identity Access Management and Endpoint Detection and Response in an
Unsecured Environment.
Stacy A. Woodard
Western Governors University
Table of Contents
Summary
Review of Other Work
  Review Work 1
  Review Work 2
  Review Work 3
Changes to the Project Environment
Methodology
Project Goals and Objectives
  Enhance Network Account Security
  Install Endpoint Detection and Response
  Implement Management of Privileged Accounts
Project Timeline
Unanticipated Requirements
Conclusions
Project Deliverables
References
Appendix A
  MFA Account Enrollment Process
Appendix B
  Privileged Account Management Policy
Summary
Empire Holdings, a privately owned real estate company that has a significant presence along the
East Coast of the United States, recently underwent an acquisition by Moonrise Real Estate. In response
to this change, the company recognized the need to implement security controls to comply with the
changes in the policy on password complexity, account lockout, password aging, and the creation of a
privileged account management policy. Additionally, Moonrise Real Estate mandated the installation of
an endpoint detection and response (EDR) system on all company-owned computers and servers.
Upon conducting a security audit, several security issues were identified. The first issue pertained
to weak security around the network account login process. Specifically, all network accounts used
single-factor authentication, and Empire Holdings did not require user passwords to expire, nor were there any
minimum password length or complexity requirements in place. Furthermore, there was no user lockout
policy, which created an insecure network access environment.
The second issue identified in the security audit report was the lack of endpoint detection and
response software installed on company-owned computers and servers. The company relied on employees
to ensure that operating systems and software updates were installed on their computers, while the
DevOps team performed this function for servers. In response, Moonrise Real Estate mandated the
implementation of Cortex XDR to monitor the patching status of company-owned computers and servers,
providing a method for reporting on the level of risk in the environment.
The final security issue raised during the security audit review was the absence of management
controls for privileged accounts. At that time, there was no documented process to request a privileged
account, audit the use of these accounts, or specify who would be responsible for decommissioning these