Task 2 – Alliah Security Plan
WGU C844 Emerging Technologies in Cybersecurity Task 2
|Latest Update with Complete Solution
Jacob Tessers
Professor Stauber
C844 – Emerging Technologies in Cybersecurity
May 5, 2025
Dear Alliah management,
As you know, I have been tasked to shine a spotlight on vulnerabilities pertaining to our WLAN and
mobile devices I have uncovered through my investigation process. While these vulnerabilities can be
concerning, I will include several mitigation recommendations as well as prevention methodologies. It
will be important to implement these fixes before going public to mitigate potential risks in the future.
I. Endpoint Attacks
In regards to WLAN connections, there are two major vulnerabilities the IT team is currently
concerned with, the first being Endpoint Attacks. These attacks include “end users”, which means that
any person connecting to the servers is a potential risk factor. Employees using laptops or mobile
devices, clients accessing the app or website with affected software or devices, as well as internet access
points. These endpoints are doorways to both corporate and personal data. Data breaches are
extremely costly, with an average pricetag of $9.05 million for US companies.
As we look at mitigation techniques to prevent these endpoint attack, there are several steps we
can implement to ensure we are secure. These steps include implementing policies that can be enforced
on a company-wide basis. To best mitigate the risk of endpoint attacks, we should educate users with
regular security, compliance, and alerts, track devices that connect to our network, and implement a
policy of least privilege, which means that employees only have access to company resources that are
essential for their roles (Microsoft Security).
, Task 2 – Alliah Security Plan
II. DDOS Attacks
The second WLAN vulnerability we need to address is the potential of Distributed Denial of
Service attacks. These attacks usually occur due to a trojan virus infecting systems and from there,
packets of data are sent rapidly to servers from multiple locations and at the same time. This causes a
complete service outage for both the website and the application. Ransonware is often packaged within
the virus and these attacks may not end until a ransom is paid. Each DDoS attack costs as much as $218k
without factoring in ransomware costs (Newman).
As it pertains to mitigation of DDOS attacks, it is extremely important that these attacks are
identified quickly. Certain technologies or services can be implemented to alert the system when heavy
traffic is coming into the servers and applications. Additionally, the firewall and router configuration
should be investigated to ensure false traffic is rejected (GeeksforGeeks). As a final note on DDOS attack
mitigation, one of the most simple steps, yet likely the most important, is to ensure all devices and
softwares that Alliyah utilizes are updated completely and often.
III. Lost/Stolen Devices
Moving on to mobile devices, two additional vulnerabilities need to be addressed. First, with the
risk of lost devices. With remote or hybrid caregivers, especially with access to services from cellular
devices, the risk that devices are lost or stolen is high. If these devices are not properly protected,
company data can be altered, stolen, or deleted.
When we utilize remote employees, the risk that devices are lost or stolen will always be there.
For this reason, we should adopt a remote lock and mobile wipe software. Once an employee reports
that their device is missing, those with the access can start wit a remote lock of the lost/stolen device.
This allows the time for the reporting employee to investigate whether the physical device can be
WGU C844 Emerging Technologies in Cybersecurity Task 2
|Latest Update with Complete Solution
Jacob Tessers
Professor Stauber
C844 – Emerging Technologies in Cybersecurity
May 5, 2025
Dear Alliah management,
As you know, I have been tasked to shine a spotlight on vulnerabilities pertaining to our WLAN and
mobile devices I have uncovered through my investigation process. While these vulnerabilities can be
concerning, I will include several mitigation recommendations as well as prevention methodologies. It
will be important to implement these fixes before going public to mitigate potential risks in the future.
I. Endpoint Attacks
In regards to WLAN connections, there are two major vulnerabilities the IT team is currently
concerned with, the first being Endpoint Attacks. These attacks include “end users”, which means that
any person connecting to the servers is a potential risk factor. Employees using laptops or mobile
devices, clients accessing the app or website with affected software or devices, as well as internet access
points. These endpoints are doorways to both corporate and personal data. Data breaches are
extremely costly, with an average pricetag of $9.05 million for US companies.
As we look at mitigation techniques to prevent these endpoint attack, there are several steps we
can implement to ensure we are secure. These steps include implementing policies that can be enforced
on a company-wide basis. To best mitigate the risk of endpoint attacks, we should educate users with
regular security, compliance, and alerts, track devices that connect to our network, and implement a
policy of least privilege, which means that employees only have access to company resources that are
essential for their roles (Microsoft Security).
, Task 2 – Alliah Security Plan
II. DDOS Attacks
The second WLAN vulnerability we need to address is the potential of Distributed Denial of
Service attacks. These attacks usually occur due to a trojan virus infecting systems and from there,
packets of data are sent rapidly to servers from multiple locations and at the same time. This causes a
complete service outage for both the website and the application. Ransonware is often packaged within
the virus and these attacks may not end until a ransom is paid. Each DDoS attack costs as much as $218k
without factoring in ransomware costs (Newman).
As it pertains to mitigation of DDOS attacks, it is extremely important that these attacks are
identified quickly. Certain technologies or services can be implemented to alert the system when heavy
traffic is coming into the servers and applications. Additionally, the firewall and router configuration
should be investigated to ensure false traffic is rejected (GeeksforGeeks). As a final note on DDOS attack
mitigation, one of the most simple steps, yet likely the most important, is to ensure all devices and
softwares that Alliyah utilizes are updated completely and often.
III. Lost/Stolen Devices
Moving on to mobile devices, two additional vulnerabilities need to be addressed. First, with the
risk of lost devices. With remote or hybrid caregivers, especially with access to services from cellular
devices, the risk that devices are lost or stolen is high. If these devices are not properly protected,
company data can be altered, stolen, or deleted.
When we utilize remote employees, the risk that devices are lost or stolen will always be there.
For this reason, we should adopt a remote lock and mobile wipe software. Once an employee reports
that their device is missing, those with the access can start wit a remote lock of the lost/stolen device.
This allows the time for the reporting employee to investigate whether the physical device can be
