6/21/23, 11:18 AM C844 Emerging Technologies in Cybersecurity PA Task 2

WGU C844 EMERGING TECHNOLOGIES IN CYBERSECURITY
Performance Assessment GRP-1 Task 2

Table of Contents
A. Wireless Local Area Network (WLAN) Vulnerabilities
B. Mobile Device Vulnerabilities
C. Steps for Mitigation
D. Preventative Measures
E. Recommended Solution for Bring Your Own Device (BYOD)
F. Cited Sources

A. Wireless Local Area Network (WLAN) Vulnerabilities

Within this section I will point out some of the potential Wireless Local Area
Network (WLAN) vulnerabilities found during the initial review of the Alliah corporate
headquarters. Even though these two vulnerabilities are the focus of this WLAN Vulnerabilities
section, a further, in-depth inspection and assessment may lead to others as well. Below are the
two vulnerabilities that should be considered first and foremost, as they carry the most impact
to the network infrastructure, corporate data, and employees, and I recommend addressing them
at the earliest stages.

• The third floor is vacant for expansion. This space could easily house a rogue access point
used for Man-in-the-Middle (MITM) attacks and data capture wherein “an attacker
deploys an access point (AP) that has been configured to appear as part of an
organization’s WLAN infrastructure” (NIST Special Publication 800-153, Guideline to
Securing Wireless Local Area Networks (WLANs), 2012). If this unoccupied space is
not secured, monitored, and inspected during both scheduled and unscheduled time
periods, a malicious actor could install and configure unknown wireless access points
(WAPs) to monitor and capture network data and to launch MITM attacks.

• The patio area used by the employees could also be considered a vulnerability depending
on the strength of the wireless network signal. Wireless sniffers can “sniff” out and find
wireless networks, which can then be attacked to capture network traffic and corporate data. If
the network signal extends into and past the boundaries of the Alliah external
surroundings, mobile attackers could use Wardriving and Warchalking techniques, “driving
around office parks with attempting to connect to open access points” (NIST Special
Publication 800-42 Guideline on Network Security Testing, 2003 and SP 800-115
Technical Guide to Information Security Testing and Assessment, 2008). This technique
could be used to identify and access the Alliah network and also mark it for other
potential malicious actors.

While the topics above are but two examples, a thorough inspection of the Alliah
headquarters and system security policies may reveal additional vulnerabilities that
would need to be mitigated.

B. Mobile Device Vulnerabilities

Within this section I will draw attention to two vulnerabilities associated with mobile device use
within the Alliah corporation. In today’s society, the use of mobile devices is a widespread
phenomenon that allows users to perform productivity actions virtually anywhere. Tasks can be
accomplished in areas with or without network connectivity and afterwards, once the device
connects to a network, those tasks and task updates can simply be uploaded to corporate or
cloud networks or emailed to the intended recipient or group. But with these abilities also come
risks that must be mitigated to prevent the loss/theft of equipment, data or both.

• Loss or theft of mobile devices is a concern for all corporate members of Alliah,
whether the device is corporately owned or privately owned, since Alliah allows a BYOD
policy. Mobile devices, as the name would indicate, allow a user to move around from
one location to another with the device. This opens the possibility for the owner to lose or
forget the device at any number of locations such as a local coffee shop or even within
the confines of the Alliah corporate headquarters itself. The ability to transport
and use the devices in public areas such as airports, coffee shops, hotel rooms and
conferences also presents the opportunity for possible theft of these devices.

• Remote connections to the Alliah corporate resources are a concern as the company has
five account representatives that are away from the corporate headquarters at least 80%
of the time. All users who utilize a public Wi-Fi connection place the data on the
device, as well as data in transmission, at risk; that data could be easily captured, stolen,
and redirected to another destination.

C. Steps for Mitigation

Having a plan to mitigate risks and their associated vulnerabilities is an essential process that the
Alliah corporation must implement. Most risks cannot be completely eliminated but can be
reduced through a risk mitigation plan, so that the level of exposure to the potential vulnerability
is lessened to a point of acceptability. “Organizations should conduct risk assessments to identify
the threats against their WLANs” (NIST Special Publication 800-153 Guidelines for Securing
Wireless Local Area Networks (WLANs), 2012). To assist with risk mitigation of the specified
vulnerabilities found for the wireless local area network and mobile devices, I have listed some
of the available options below for consideration.

• For the unused vacant third floor of the Alliah corporate headquarters, security is a
concern and should be addressed through the use of various types of locks, key fobs for
entry, closed circuit TV cameras, biometrics, and roaming security forces that will
physically inspect the vacant areas. “Organizations with WLANs should conduct regular
periodic technical WLAN security assessments.” (NIST Special Publication 800-153
Guideline to Securing Wireless Local Area Networks (WLANs), 2012).

• The open patio area should be evaluated to ensure that the network signal does not
exceed the boundaries of the building and, if it does, that the signal reaches only a very
limited distance. Also, “the use of more robust security techniques in the network, such as the
WPA (Wi-Fi Protected Access) or RSN (Robust Security Network)” (NIST Special
Publication 800-42 Guideline on Network Security Testing, 2003 and SP 800-115
Technical Guide to Information Security Testing and Assessment, 2008) should be
implemented to protect data in transit.

• Loss or theft of mobile devices is harder to prevent, but for the event of such an incident,
remote wiping should be enabled, as should BitLocker encryption or Trusted Platform
Module encryption on the mobile device. It is recommended that “System
configuration of a mobile devices enabling device encryption are completed prior to
issuing the device to the user” (NIST Special Publication 800-124 Rev2, 2020).

• For the members utilizing remote or public Wi-Fi access to Alliah resources, a Virtual
Private Network must be used for network security. The use of a VPN will protect “data
flowing between the client device and the organization from being viewed by others”
(NIST Special Publication 800-124 Rev2, 2020).
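
Added example (not part of the original paper): one way a periodic technical WLAN assessment could check walk-through survey readings for the rogue access point, weak encryption and signal leakage issues listed above. The SSID, BSSIDs, locations and dBm thresholds are constructed assumptions, not Alliah data.

```python
from dataclasses import dataclass

# Constructed values: SSID, BSSIDs and thresholds are assumptions, not from the paper.
CORP_SSID = "Alliah-Corp"
AUTHORIZED = {"02:00:00:aa:00:01", "02:00:00:aa:00:02", "02:00:00:aa:00:03"}
WEAK_SECURITY = {"OPEN", "WEP"}   # anything below WPA/RSN
LEAK_LIMIT_DBM = -75              # authorized AP louder than this off-site = leakage
ONSITE_LIMIT_DBM = -55            # unknown AP louder than this indoors = likely on premises

@dataclass(frozen=True)
class Obs:
    location: str
    offsite: bool     # measured beyond the building/patio boundary
    ssid: str
    bssid: str
    security: str
    rssi_dbm: int

def audit(survey):
    """Return sorted (finding, bssid, location) tuples for one walk-through survey."""
    findings = set()
    for o in survey:
        bssid = o.bssid.lower()
        if bssid in AUTHORIZED:
            if o.security.upper() in WEAK_SECURITY:
                findings.add(("WEAK_SECURITY", bssid, o.location))
            if o.offsite and o.rssi_dbm > LEAK_LIMIT_DBM:
                findings.add(("SIGNAL_LEAKAGE", bssid, o.location))
        elif o.ssid == CORP_SSID:
            # Unknown radio advertising the corporate SSID: rogue AP / evil twin.
            findings.add(("ROGUE_CORP_SSID", bssid, o.location))
        elif not o.offsite and o.rssi_dbm > ONSITE_LIMIT_DBM:
            findings.add(("UNKNOWN_AP_ONSITE", bssid, o.location))
    return sorted(findings)

# Constructed survey readings (not real captures).
SURVEY = [
    Obs("floor 1 lobby", False, "Alliah-Corp", "02:00:00:AA:00:01", "WPA2", -48),
    Obs("floor 2 office", False, "Alliah-Corp", "02:00:00:AA:00:03", "WEP", -52),
    Obs("floor 3 vacant", False, "Alliah-Corp", "02:00:00:BB:00:99", "OPEN", -40),
    Obs("floor 3 vacant", False, "printer-setup", "02:00:00:CC:00:07", "OPEN", -45),
    Obs("floor 1 lobby", False, "CoffeeShopGuest", "02:00:00:DD:00:10", "WPA2", -82),
    Obs("parking lot", True, "Alliah-Corp", "02:00:00:AA:00:02", "WPA2", -62),
    Obs("street", True, "Alliah-Corp", "02:00:00:AA:00:02", "WPA2", -86),
]

if __name__ == "__main__":
    for finding in audit(SURVEY):
        print(*finding, sep=" | ")
```

The weak neighbouring network seen from the lobby and the faint corporate signal at the street produce no finding; only readings that cross the assumed thresholds are reported.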

Upon implementation of a risk assessment and mitigation plan, a team should be elected to
monitor and review the plan at both specified and unspecified time periods. Doing this will
allow for updates to the plan when necessary and will help identify new and emerging
vulnerabilities and risks to the Alliah assets.

D. Preventative Measures

The practice of preventative measures begins with performing an honest assessment of the
practices, procedures, and policies within the Alliah corporation. A team can be appointed to do
the assessment but, in the end, must also be supported by higher levels of management, who approve
the actions suggested by the team. Below are some suggestions for preventative measures that
should be addressed to assist with the security of Alliah and its assets.

• Preventative measures begin with employee training. “Security awareness training for
personnel to ensure that they understand that poor system configuration and poor security
practices can place data in danger” (NIST Special Publication 800-42 Guideline on
Network Security Testing, 2003 and SP 800-115 Technical Guide to Information Security
Testing and Assessment, 2008).

• The use of a strong password policy, coupled with a set password expiration and
password history, will also ensure that if a password is compromised and the threat is
not detected, then the password will expire within a short period and the user would not
be able to reuse the same password. “On systems that support password filters, the
filters should be set so as to force the use of strong passwords” (NIST Special
Publication 800-42 Guideline on Network Security Testing, 2003 and SP 800-115
Technical Guide to Information Security Testing and Assessment, 2008).

The Cybersecurity and Infrastructure Security Agency (CISA), National Cybersecurity and
Communications Integration Center (NCCIC), US-CERT provides recommendations for
creating and managing a strong password policy
(https://us-cert.cisa.gov/ncas/current-activity/2018/03/27/Creating-and-Managing-Strong-Passwords).

• Multi-factor authentication

• Use different passwords on different systems and accounts

• Don’t use passwords based on personal information

The NCCIC/US-CERT also provides many links on how to supplement passwords and on best
practices for those implementing a newly developed system security policy within their
organization.

If Alliah provides any services that require financial transactions and processes payment card
information, then Alliah is also subject to the regulation pertaining to the Payment Card
Industry Data Security Standard. PCI DSS information can be found at the following web link:
https://www.pcisecuritystandards.org. Some of the PCI DSS requirements are to “change default
passwords on vendor supplied devices, assign unique IDs to each person with access, restrict
physical access, employee training” (12 Requirements of PCI DSS, 2020). See the link
https://www.securitymetrics.com/blog/what-are-12-requirements-pci-dss-compliance for a short
list of the twelve PCI DSS requirements and links to additional resources.

E. Recommended Solution for Bring Your Own Device (BYOD)

If Alliah is devoted to the plan of implementing and continuing with a BYOD policy, acceptable
use policies must be implemented for personal devices. These acceptable use policies must state
that prior to connection to a corporate network or resource, the device will be scanned for the
availability of security elements such as anti-virus, firewall connections, etc., and that a device
found to be non-compliant must be configured by the IT department prior to connection.
Employees must also agree to and accept that corporate data is not to be stored on the personal
device, and must accept the consequences for non-compliance with this rule.

A “remote access solution” (NIST Special Publication 800-46 Guide to Enterprise
Telework, Remote Access, and Bring Your Own Device (BYOD) Security, 2016) that scans the
devices can be utilized within a BYOD environment. As a result of these scans, the device is
either granted access to the network, denied access, or possibly quarantined to a specific area
so that deficiencies can be corrected.

F. Cited Sources
NIST Special Publication 800-153, Guideline to Securing Wireless Local Area Networks
(WLANs), 2012

NIST Special Publication 800-42 Guideline on Network Security Testing, 2003

NIST Special Publication 800-115 Technical Guide to Information Security Testing and
Assessment, 2008

NIST Special Publication 800-124 Rev2 Guidelines for Managing the Security of Mobile
Devices in the Enterprise, 2020

NIST Special Publication 800-46 Guide to Enterprise Telework, Remote Access, and Bring Your
Own Device (BYOD) Security, 2016

The Cybersecurity and Infrastructure Security Agency (CISA), National Cybersecurity and
Communications Integration Center (NCCIC), US-CERT - Creation and management for
strong password policy implementation, 2018
https://us-cert.cisa.gov/ncas/current-activity/2018/03/27/Creating-and-Managing-Strong-Passwords

PCI DSS
https://www.pcisecuritystandards.org

12 Requirements of PCI DSS, 2020
https://www.securitymetrics.com/blog/what-are-12-requirements-pci-dss-compliance
