D482 SECURE NETWORK DESIGN TASK 1 WESTERN GOVERNORS UNIVERSITY
Company A Security Problems:
• Network Security Issues:
o As detailed in the risk assessment, Company A has many unsafe ports open on its network:
all ports from 21-90 and port 3389. Several of these ports should be closed, or kept closed
unless needed, because they are known to be unsafe and open up areas of potential attack.
For example, port 3389 is used by the Remote Desktop Protocol (RDP), which connects to
machines remotely over the internet with a full graphical interface. Several known
vulnerabilities take advantage of this port. It should be disabled unless needed, and when
it is needed, only administrative users should be approved for access.
o Company A's current password policy very likely puts it at risk. As stated in the risk
assessment, the current policy has users using passwords of only eight characters. This is
a poor security posture, because a password only eight characters long takes only a short
time to brute-force if an attacker obtains the hash values of users' passwords
(Drapkin, 2023).
• Infrastructure Security Issues:
o According to the risk assessment, Company A uses Meraki MR28s as the wireless access
points that connect its Windows laptops. This can be confirmed from the provided network
diagram. This access point has a few known vulnerabilities, such as CVE-2022-33279
(NIST, 2024). This vulnerability could allow an attacker to execute arbitrary code in the
firmware running on an affected device or cause an access point to reboot, resulting in a
denial-of-service condition.
o The risk assessment also shows that Company A has multiple pieces of equipment at the end
of their service life. This designation means that the equipment is no longer supported by
the vendor and will therefore not receive any further security updates, so it becomes an
additional attack surface should an exploit be discovered in the final software version of
the equipment. Examples of equipment currently at end of service life are the previously
mentioned Meraki access points and the Cisco 3750X switch the company is using.
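The open-port finding for Company A (ports 21-90 and 3389), worked as an added example that is not part of the original assignment: a check of a firewall rule export against those flagged ports. The rule format, the first-match-wins evaluation, the APPROVED list and the admin-net source name are assumptions made for illustration.

```python
# Added example: rule data, approved list and names are constructed assumptions.
FLAGGED = set(range(21, 91)) | {3389}   # ports named in the risk assessment
# Assumption: services the business still needs, and the source allowed to reach them.
APPROVED = {22: "admin-net", 80: "any", 3389: "admin-net"}
# Constructed rule export, one rule per line: action,protocol,port-or-range,source
RULES = """\
allow,tcp,21-90,any
allow,tcp,443,any
allow,tcp,3389,any
deny,tcp,23,any
"""

def effective_rules(text):
    """Map each port to the (action, source) of the first rule that matches it."""
    effective = {}
    for line in filter(str.strip, text.splitlines()):
        action, _proto, ports, source = (f.strip() for f in line.split(","))
        lo, _, hi = ports.partition("-")
        for port in range(int(lo), int(hi or lo) + 1):
            effective.setdefault(port, (action, source))  # first match wins
    return effective

def audit(text):
    """Return (close, restrict) for flagged ports that the rules leave open."""
    close, restrict = [], []
    effective = effective_rules(text)
    for port in sorted(FLAGGED):
        action, source = effective.get(port, ("deny", None))  # default deny
        wanted = APPROVED.get(port)
        if action == "allow" and wanted is None:
            close.append(port)                       # no business need: close it
        elif action == "allow" and wanted != source:
            restrict.append((port, source, wanted))  # needed, but reachable too widely
    return close, restrict

def collapse(ports):
    """Collapse a sorted port list into 'a-b' strings for the report."""
    runs = []
    for p in ports:
        if runs and p == runs[-1][1] + 1:
            runs[-1][1] = p
        else:
            runs.append([p, p])
    return [str(a) if a == b else f"{a}-{b}" for a, b in runs]

if __name__ == "__main__":
    close, restrict = audit(RULES)
    print("close:", ", ".join(collapse(close)))
    print("restrict:", restrict)
```

Port 23 lands in the close list even though a deny rule exists for it, because the broader allow rule above it matches first.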
Company B Security Problems:
• Network Security Issues:
o As shown in the risk assessment, Company B currently has a critical vulnerability for
Distributed Ruby. This constitutes a high risk of remote code execution, as a threat actor
can use this vulnerability to gain access to the company's systems and run arbitrary code
remotely.
o Company B has a password policy that constitutes a high risk if a threat actor gains
access to user passwords, or even to password hashes that can be brute-forced. This is
because Company B does not enforce multi-factor authentication across all of its users.
This vulnerability can be confirmed in the risk identification section of the risk
assessment. Not enforcing multi-factor authentication weakens the company's security
posture, as a threat actor can access the company's systems should they obtain a user
password.
• Infrastructure Security Issues:
o Company B's risk assessment shows a critical issue with one of its servers. Specifically,
the server running Apache Tomcat is affected by a well-known vulnerability known as
Ghostcat, which allows an attacker to retrieve arbitrary files from anywhere within a web
application running on the server (Sethi, 2020).