Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CompTIA Exam SY0-701 Topic 1 Question 4 Discussion

Actual exam question for CompTIA's SY0-701 exam
Question #: 4
Topic #: 1
[All SY0-701 Questions]

A security analyst scans a company's public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?

Show Suggested Answer Hide Answer
Suggested Answer: B

A VPN is a virtual private network that creates a secure tunnel between two or more devices over a public network. A VPN can encrypt and authenticate the data, as well as hide the IP addresses and locations of the devices. A jump server is a server that acts as an intermediary between a user and a target server, such as a production server. A jump server can provide an additional layer of security and access control, as well as logging and auditing capabilities. A firewall is a device or software that filters and blocks unwanted network traffic based on predefined rules. A firewall can protect the internal network from external threats and limit the exposure of sensitive services and ports. A security analyst should recommend setting up a VPN and placing the jump server inside the firewall to improve the security of the remote desktop access to the production network.This way, the remote desktop service will not be exposed to the public network, and only authorized users with VPN credentials can access the jump server and then the production server.Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 8: Secure Protocols and Services, page 382-3831; Chapter 9: Network Security, page 441-4421


by Teri at Dec 24, 2023, 02:08 AM

Limited Time Offer

25%

Off

Get Premium SY0-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Tawanna
8 months ago
Guys, I hate to be that person, but have you considered option D? Connecting the remote server to the domain and increasing the password length could be a simple yet effective way to tighten security. Just a thought.
upvoted 0 times
...
Leonie
8 months ago
Ah, I see where you're coming from, but I think option C is the way to go. Using a proxy for the web connections from the remote desktop server could help monitor and control the traffic, without the overhead of a full VPN setup.
upvoted 0 times
...
Clemencia
8 months ago
Hmm, I see what you mean, but I'm not sure a VPN is the best solution here. Changing the port to a non-standard number (option A) could be a quick fix and make it harder for attackers to find the remote desktop.
upvoted 0 times
Delila
7 months ago
Let's go with changing the port to a non-standard number as the recommended change for now.
upvoted 0 times
...
Idella
7 months ago
I agree, it's a quick fix that could make it harder for attackers to gain unauthorized access.
upvoted 0 times
...
Agustin
8 months ago
I think changing the port to a non-standard number is a good first step to take in securing the remote desktop.
upvoted 0 times
...
Danilo
8 months ago
Connecting the remote server to the domain and increasing the password length could make it more secure, too.
upvoted 0 times
...
Buddy
8 months ago
Using a proxy for web connections from the remote desktop server could also help mask the server's location.
upvoted 0 times
...
Johana
8 months ago
But setting up a VPN and placing the jump server inside the firewall might add an extra layer of protection.
upvoted 0 times
...
Tracey
8 months ago
I agree, changing the port to a non-standard number could definitely help increase security.
upvoted 0 times
...
...
Karl
8 months ago
This is a tricky one. The remote desktop access is a major security risk, so we need to take decisive action. I'm leaning towards option B - setting up a VPN and placing the jump server inside the firewall. That way, we can control and monitor the connection more effectively.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77