Your organization wants to provide virtual private network connectivity from outside the office, but additional security is required. The primary requirement is that each user is verified with a username, password, and a piece of information that physically identifies the user. What would be the most appropriate solution for this requirement?
A) Specially configured BIOS settings on each remote device
B) Installation of anti-virus and anti-spyware software on each remote device
C) Daily Windows event viewer reports
D) A token-generator synchronized with each end user
The answer: D) A token-generator synchronized with each end user
A pseudo-random token generator verifies that a user knows their username, password, and is in physical ownership of the token generation device. Although each user needs a physical device, the remote access to the organization’s network is restricted to something the user knows (their username and password) and something they physical possess (their token generator).
The incorrect answers:
A) Specially configured BIOS settings on each remote device
Specialized BIOS password settings wouldn’t necessarily physically identify the user, since BIOS passwords are only used at boot time and can be relatively easy to circumvent.
B) Installation of anti-virus and anti-spyware software on each remote device
Anti-virus and anti-spyware software is always important, but it doesn’t provide any additional end-user identification.
C) Daily Windows event viewer reports
Daily reports are useful but they’re after-the-fact information and can’t actively affect the access to the network.
 |
Want to know more? Watch “Installing and Configuring Security Systems.”The practical implementation of security system impacts a wide range of systems, technologies, and processes. In this video, you’ll learn how to secure your BIOS, use smart cards, audit your system through event logs, and how NTFS can make your system more secure. |