WGU C844 GRP1 Task 2: WLAN and Mobile
Security Plan |Passed on First Attempt |Latest
Update with Complete Solution
A. Describe two WLAN vulnerabilities
a. The outdoor patio opens the company up to a Rogue access
point that could allow unintended network devices to join and
bypass the security of the current network.
b. If the Access Point on the Patio is not hidden, that means that
anyone nearby can see the SSID and attempt to connect through
brute force.
B. Describe two mobile vulnerabilities
a. Several employees travel 80% of the time. This puts them in a
more susceptible position to malware, viruses, or even
ransomware. They could then bring the payloads or viruses to
the rest of the network.
b. Utilizing BYOD is often not a great option, this opens the
company up to whatever the employee might have had on their
device prior and all the vulnerabilities that device may have
such as the chipset, lack of security updates, and installed
spyware.
C. Summarize the steps for mitigating each identified WLAN and mobile
vulnerability, including the specific tools or documentation that will be
needed for mitigation.
a. Implementing regular audits on the network to scan for rogue
access points using a vulnerability scanner and logging events
into a SIEM.
b. Configuring the WLAN connection on all company devices with
a group policy and utilizing PEAP along with AD authentication
would allow the SSID to be hidden and prevent brute forcing
since the attacker would need the SSID, a username, the domain
name, and a password to connect.
c. Rather than BYOD, create a CYOD (Choose your own device).
This would allow the employees to choose their own device, and
have the company then purchase and image the device with the
Security Plan |Passed on First Attempt |Latest
Update with Complete Solution
A. Describe two WLAN vulnerabilities
a. The outdoor patio opens the company up to a Rogue access
point that could allow unintended network devices to join and
bypass the security of the current network.
b. If the Access Point on the Patio is not hidden, that means that
anyone nearby can see the SSID and attempt to connect through
brute force.
B. Describe two mobile vulnerabilities
a. Several employees travel 80% of the time. This puts them in a
more susceptible position to malware, viruses, or even
ransomware. They could then bring the payloads or viruses to
the rest of the network.
b. Utilizing BYOD is often not a great option, this opens the
company up to whatever the employee might have had on their
device prior and all the vulnerabilities that device may have
such as the chipset, lack of security updates, and installed
spyware.
C. Summarize the steps for mitigating each identified WLAN and mobile
vulnerability, including the specific tools or documentation that will be
needed for mitigation.
a. Implementing regular audits on the network to scan for rogue
access points using a vulnerability scanner and logging events
into a SIEM.
b. Configuring the WLAN connection on all company devices with
a group policy and utilizing PEAP along with AD authentication
would allow the SSID to be hidden and prevent brute forcing
since the attacker would need the SSID, a username, the domain
name, and a password to connect.
c. Rather than BYOD, create a CYOD (Choose your own device).
This would allow the employees to choose their own device, and
have the company then purchase and image the device with the
