Audit2E_Lab08_AW_975625181e9f4c2eac1c2c9a231d968a.pdf

68 LAB #8 | Auditing the Remote Access Domain for Compliance

Lab #8 – Assessment Worksheet

Auditing the Remote Access Domain for Compliance
Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you learned how to audit the Remote Access Domain. You identified common risks,
threats, and vulnerabilities found in the Remote Access Domain, you assessed common risks,
threats, and vulnerabilities found in the Remote Access Domain, you identified network and
security policies needed to properly secure the Remote Access Domain portion of the network
infrastructure, and you audited and assessed the implementation of security controls in the
Remote Access Domain.

Lab Assessment Questions & Answers

1. What are some common risks, threats, and vulnerabilities found in the Remote Access Domain
that must be mitigated through a layered security strategy?

2. What default configuration should be placed on host-based firewalls when accessing the network

remotely?

3. What risks, threats, and vulnerabilities are introduced by implementing a remote access server?

4. What is a recommended best practice when implementing a remote access policy server user
authentication service?

69

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Student Lab Manual

5. What is a Remediation LAN?

6. Explain the concept of a Remediation Server and traffic separation as it relates to remote access.

7. What is a VPN? Distinguish between VPN server, VPN client, VPN router, and Secure Sockets
Layer (SSL) VPNs.

8. What is the difference between a tunnel-mode VPN and a split-tunneling VPN?

9. According to the Remote Access Policy STIG, what personally owned devices are considered
acceptable to perform privileged (administrative) tasks on a DoD network?

10. When connected to a public network or shared public Internet access point, what are some
precautions that remote users should take to ensure confidentiality of communications?

11. What are the three types of remote access users as defined by the DoD in the Secure Remote
Computing STIG?

12. What are the additional elements required of a network architecture if the enclave is to support

remote access through the public Internet?

13. Name three security best practices for mobile workers as defined in the Secure Remote
Computing STIG.

14. True or false: A thin client is a PC or laptop without a hard drive or storage space.

70 LAB #8 | Auditing the Remote Access Domain for Compliance

15. What are the five elements of a Remote Access Security Readiness Review?

Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Question1:
Question2:
Question3:
Question4:
Question5:
Question6:
Question7:
Question9:
Question11:
Question13:
Question12:
Question10:
Question8:
Question14:
Question15: