LAB #8 | Auditing the Remote Access Domain for Compliance
Lab #8 – Assessment Worksheet
Auditing the Remote Access Domain for Compliance
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you learned how to audit the Remote Access Domain. You identified and assessed
common risks, threats, and vulnerabilities found in the Remote Access Domain; identified the
network and security policies needed to properly secure the Remote Access Domain portion of
the network infrastructure; and audited and assessed the implementation of security controls
in the Remote Access Domain.
Lab Assessment Questions & Answers
1. What are some common risks, threats, and vulnerabilities found in the Remote Access Domain
that must be mitigated through a layered security strategy?
2. What default configuration should be placed on host-based firewalls when accessing the network
remotely?
3. What risks, threats, and vulnerabilities are introduced by implementing a remote access server?
4. What is a recommended best practice when implementing a remote access policy server user
authentication service?
Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Student Lab Manual
5. What is a Remediation LAN?
6. Explain the concept of a Remediation Server and traffic separation as it relates to remote access.
7. What is a VPN? Distinguish between VPN server, VPN client, VPN router, and Secure Sockets
Layer (SSL) VPNs.
8. What is the difference between a tunnel-mode VPN and a split-tunneling VPN?
9. According to the Remote Access Policy STIG, what personally owned devices are considered
acceptable to perform privileged (administrative) tasks on a DoD network?
10. When connected to a public network or shared public Internet access point, what are some
precautions that remote users should take to ensure confidentiality of communications?
11. What are the three types of remote access users as defined by the DoD in the Secure Remote
Computing STIG?
12. What are the additional elements required of a network architecture if the enclave is to support
remote access through the public Internet?
13. Name three security best practices for mobile workers as defined in the Secure Remote
Computing STIG.
14. True or false: A thin client is a PC or laptop without a hard drive or storage space.
15. What are the five elements of a Remote Access Security Readiness Review?