WGU C 844 Task 2
A. Explain 2 WLAN vulnerabilities that present risks for Alliah, based on the details in
the below scenario.
• 1st WLAN vulnerability I would talk about would be the access point at the back patio.
This access point could pose a danger to the security of the network due to its location
and strength of the signal. An attacker could go around the company looking for Wi-Fi
signals, plotting them on a map once found. This attack is called Wardriving; This
occurs when attackers use software and hardware to locate unsecure wireless networks
and possibly gain access to them.
• The second vulnerability I would point out is the website servers that are located 100
miles from the Alliah headquarters. The company did not mention that they use any
encryption methods to protect their connection / communication with the servers. This
can lead to traffic being sent unencrypted which can allow an attacker to intercept and
change the data with a man in the middle attack.
B. Describe two mobile vulnerabilities that present risks for Alliah, based on the details in
the scenario.
• The first mobile vulnerability I would point out is the five employees that use company
issued laptop, smartphone, and tablet. These devices could be lost or stolen while these
employees are on the road. It is not stated that the data on these devices would be
protected if they were stolen or lost.
• The second mobile vulnerability that needs to be pointed out would be the employee’s
personal mobile devices. On company owned devices updates can be managed and
mandated. On BYOD environments mobile devices are usually several updates behind
which can cause a personal mobile device to fall victim too a browser exploit by simply
visiting an unsafe webpage, this can allow malware to be installed on the device.
C. Summarize the steps for mitigating each identified WLAN and mobile vulnerability,
including the specific tools or documentation that will be needed for mitigation.
• To mitigate the wardriving vulnerability there are multiple ways you can protect your
network from this type of attack. Alliah’s IT personnel should disable SSID broadcast for
the patio access point. This will make your wireless network less visible to hackers. I
would ensure that the company uses the highest encryption standard possible like WPA2
or WPA3. Depending on how protected the company wants to be they could set up a
guest network for the access point on the patio, this will ensure that if any attacker gains
access to that part of the network that it will be separate from the company’s internal
data.
A. Explain 2 WLAN vulnerabilities that present risks for Alliah, based on the details in
the below scenario.
• 1st WLAN vulnerability I would talk about would be the access point at the back patio.
This access point could pose a danger to the security of the network due to its location
and strength of the signal. An attacker could go around the company looking for Wi-Fi
signals, plotting them on a map once found. This attack is called Wardriving; This
occurs when attackers use software and hardware to locate unsecure wireless networks
and possibly gain access to them.
• The second vulnerability I would point out is the website servers that are located 100
miles from the Alliah headquarters. The company did not mention that they use any
encryption methods to protect their connection / communication with the servers. This
can lead to traffic being sent unencrypted which can allow an attacker to intercept and
change the data with a man in the middle attack.
B. Describe two mobile vulnerabilities that present risks for Alliah, based on the details in
the scenario.
• The first mobile vulnerability I would point out is the five employees that use company
issued laptop, smartphone, and tablet. These devices could be lost or stolen while these
employees are on the road. It is not stated that the data on these devices would be
protected if they were stolen or lost.
• The second mobile vulnerability that needs to be pointed out would be the employee’s
personal mobile devices. On company owned devices updates can be managed and
mandated. On BYOD environments mobile devices are usually several updates behind
which can cause a personal mobile device to fall victim too a browser exploit by simply
visiting an unsafe webpage, this can allow malware to be installed on the device.
C. Summarize the steps for mitigating each identified WLAN and mobile vulnerability,
including the specific tools or documentation that will be needed for mitigation.
• To mitigate the wardriving vulnerability there are multiple ways you can protect your
network from this type of attack. Alliah’s IT personnel should disable SSID broadcast for
the patio access point. This will make your wireless network less visible to hackers. I
would ensure that the company uses the highest encryption standard possible like WPA2
or WPA3. Depending on how protected the company wants to be they could set up a
guest network for the access point on the patio, this will ensure that if any attacker gains
access to that part of the network that it will be separate from the company’s internal
data.