Lab8 1 Some Common Risks
Lab-8
1.
Some common risks, threats, and vulnerabilities commonly found in the Remote Access Domain that must be mitigated through a layered security strategy are:
• Private data or confidential data is compromised remotely (Kim & Solomon, 2012).
• Unauthorized remote access to IT systems, applications, and data (Kim & Solomon, 2012).
• Mobile worker laptop is stolen (Kim & Solomon, 2012).
• Multiple logon retries and access control attacks (Kim & Solomon, 2012).
2.
The deny-by-default rulesets for incoming traffic should be placed on host-based firewalls when accessing the network remotely to prevent malware incidents (Wikia, n.d.).
3.
Risks, threats, and vulnerabilities introduced by implementing a Remote Access Server are:
• External hosts gain access to internal resources (Scarfone, Hoffman, & Souppaya, 2009)
• An unauthorized user eavesdrops on remote access communications and manipulate them using a compromised server (Scarfone, Hoffman, & Souppaya, 2009)
• Partially patched remote access servers (Scarfone, Hoffman, & Souppaya, 2009)
4.
Using multi-factor authentication is a recommended best practice when implementing a Remote Access Policy server user authentication service (Scarfone, Hoffman, & Souppaya, 2009).
5.
A Remediation Local Area Network (LAN) is a network with devices like a Remediation Server that quarantines non-compliant computers from an untrusted LAN to a trusted LAN. While being quarantined, these non-compliant computers get repairs for.
6.
The Remediation Server provides the approved compliant settings templates for the clients. A noncompliant device needs to meet policy compliance and remediation is performed before it is allowed into the trusted network. For remote access clients, authorized and unauthorized network traffic will use separate security domains such as Virtual Local Area Networks.
7.
Distinguish between VPN server, VPN client, VPN router, and SSL VPNS. It is a dedicated tunnel from one endpoint to
1.
Some common risks, threats, and vulnerabilities commonly found in the Remote Access Domain that must be mitigated through a layered security strategy are:
• Private data or confidential data is compromised remotely (Kim & Solomon, 2012).
• Unauthorized remote access to IT systems, applications, and data (Kim & Solomon, 2012).
• Mobile worker laptop is stolen (Kim & Solomon, 2012).
• Multiple logon retries and access control attacks (Kim & Solomon, 2012).
2.
The deny-by-default rulesets for incoming traffic should be placed on host-based firewalls when accessing the network remotely to prevent malware incidents (Wikia, n.d.).
3.
Risks, threats, and vulnerabilities introduced by implementing a Remote Access Server are:
• External hosts gain access to internal resources (Scarfone, Hoffman, & Souppaya, 2009)
• An unauthorized user eavesdrops on remote access communications and manipulate them using a compromised server (Scarfone, Hoffman, & Souppaya, 2009)
• Partially patched remote access servers (Scarfone, Hoffman, & Souppaya, 2009)
4.
Using multi-factor authentication is a recommended best practice when implementing a Remote Access Policy server user authentication service (Scarfone, Hoffman, & Souppaya, 2009).
5.
A Remediation Local Area Network (LAN) is a network with devices like a Remediation Server that quarantines non-compliant computers from an untrusted LAN to a trusted LAN. While being quarantined, these non-compliant computers get repairs for.
6.
The Remediation Server provides the approved compliant settings templates for the clients. A noncompliant device needs to meet policy compliance and remediation is performed before it is allowed into the trusted network. For remote access clients, authorized and unauthorized network traffic will use separate security domains such as Virtual Local Area Networks.
7.
Distinguish between VPN server, VPN client, VPN router, and SSL VPNS. It is a dedicated tunnel from one endpoint to