WGU D482 TASK 1 QUESTIONS
AND ANSWERS WITH COMPLETE
SOLUTIONS 100% CORRECT
RATED A+ NEWLY UPDATED
2025/2026
, lOMoAR cPSD| 54339004
D482
Task 1
Martin Whitcomb
Student ID: 000767423
Company A has identified multiple network and infrastructure vulnerabilities. Identified
network security vulnerabilities include all network users have local administrative privileges
and use only eight-character passwords. Hardware vulnerabilities are end of life equipment
being utilized as well as open port 3389.
Users having local administrative privileges is a network security issue. Allowing all users to
have this level of privilege has a moderate vulnerability risk. Company A should deploy the
concept of least privilege to mitigate the likelihood of nefarious actors accessing the company
network. “The Principle of Least Privilege (POLP) is widely recognized as a security concept that
enforces giving an identity (a person or machine identity) only the permissions that are essential
to performing its intended function. If an identity does not need the authorization, they should
not possess it. It is implemented to minimize the cloud attack surface and protect data by
mitigating the number of opportunities for exploitation via permissions.” (Shea, Tally, (2023,
November 30). What’s Least Privilege? How to Implement & Stay There. Retrieved from
https://sonraisecurity.com/blog/principle-least-privilege/ ).
The requirement that users only use eight-character passwords is another Company A
vulnerability and is considered a high likelihood risk. A recent study has found that an
eightcharacter password only takes approximately five minutes to crack. (Whitney, Lance,
(2023, August 7). How an 8-Character Password Could be Cracked in Just a Few Minutes.
Retrieved from https://www.techrepublic.com/article/how-an-8-character-password-couldbe-
cracked-in-less-than-an-hour/). “Security experts keep advising us to create strong and complex
passwords to protect our online accounts and data from savvy cybercriminals. And “complex”
typically means using lowercase and uppercase characters, numbers, and even special symbols.”
(Whitney).
The fact that Company A is a global financial company puts it at a greater risk of nefarious
activity by hackers and the like. Implementing and enforcing complex passwords can reduce the
risk of identity theft and financial fraud of those entrusting Company A with their financial
information. An example of a recent financial institution hacking is what occurred at Block
which resulted in 8.2 million customers having their financial information compromised. The
exposed information was not just personal identification information but also brokerage
account data and credit card information. (Kost, Edward, (2023, August 3). 10 Biggest Data
Breaches in Finance. Retrieved from https://www.upguard.com/blog/biggest-databreaches-
financial-services). These types of breach not only impact the customer it affects the company
in form of reputation, stock value (if applicable), and fine/fees.
Company A identified a hardware vulnerability of the use of end-of-life (“EOL”) equipment being
used. The use of equipment that is at or past EOL creates a high risk to the Company as it is no
AND ANSWERS WITH COMPLETE
SOLUTIONS 100% CORRECT
RATED A+ NEWLY UPDATED
2025/2026
, lOMoAR cPSD| 54339004
D482
Task 1
Martin Whitcomb
Student ID: 000767423
Company A has identified multiple network and infrastructure vulnerabilities. Identified
network security vulnerabilities include all network users have local administrative privileges
and use only eight-character passwords. Hardware vulnerabilities are end of life equipment
being utilized as well as open port 3389.
Users having local administrative privileges is a network security issue. Allowing all users to
have this level of privilege has a moderate vulnerability risk. Company A should deploy the
concept of least privilege to mitigate the likelihood of nefarious actors accessing the company
network. “The Principle of Least Privilege (POLP) is widely recognized as a security concept that
enforces giving an identity (a person or machine identity) only the permissions that are essential
to performing its intended function. If an identity does not need the authorization, they should
not possess it. It is implemented to minimize the cloud attack surface and protect data by
mitigating the number of opportunities for exploitation via permissions.” (Shea, Tally, (2023,
November 30). What’s Least Privilege? How to Implement & Stay There. Retrieved from
https://sonraisecurity.com/blog/principle-least-privilege/ ).
The requirement that users only use eight-character passwords is another Company A
vulnerability and is considered a high likelihood risk. A recent study has found that an
eightcharacter password only takes approximately five minutes to crack. (Whitney, Lance,
(2023, August 7). How an 8-Character Password Could be Cracked in Just a Few Minutes.
Retrieved from https://www.techrepublic.com/article/how-an-8-character-password-couldbe-
cracked-in-less-than-an-hour/). “Security experts keep advising us to create strong and complex
passwords to protect our online accounts and data from savvy cybercriminals. And “complex”
typically means using lowercase and uppercase characters, numbers, and even special symbols.”
(Whitney).
The fact that Company A is a global financial company puts it at a greater risk of nefarious
activity by hackers and the like. Implementing and enforcing complex passwords can reduce the
risk of identity theft and financial fraud of those entrusting Company A with their financial
information. An example of a recent financial institution hacking is what occurred at Block
which resulted in 8.2 million customers having their financial information compromised. The
exposed information was not just personal identification information but also brokerage
account data and credit card information. (Kost, Edward, (2023, August 3). 10 Biggest Data
Breaches in Finance. Retrieved from https://www.upguard.com/blog/biggest-databreaches-
financial-services). These types of breach not only impact the customer it affects the company
in form of reputation, stock value (if applicable), and fine/fees.
Company A identified a hardware vulnerability of the use of end-of-life (“EOL”) equipment being
used. The use of equipment that is at or past EOL creates a high risk to the Company as it is no
