unit 7 homework
School: Columbia Southern University
Course: SEC 4302
Subject: Information Systems
Date: Dec 6, 2023
Uploaded by briandjones127
Running head: CVES IN REMOTE ACCESS DOMAIN
CVEs in the Remote Access Domain
Brian Jones
Columbia Southern University
CVEs in the Remote Access Domain
Lab 7.1a
CVEs
The remote access domain presents a challenge to security professionals for a few
different reasons. First, the users are not working from within the confines of the main facility.
Second, the users may be using devices that they privately own and that may not be secured
properly. Third, the connections made between the data and the users must go through a wide
area network (WAN), which is far more susceptible to attacks (Weiss & Solomon, 2016).
Some of the more prevalent attacks in this situation could be phishing attempts and
man-in-the-middle attacks. Phishing has long been an issue outside the remote access domain. With
an increased number of individuals working remotely, however, the chance that a remote
worker receives an email containing a phishing attempt is more prevalent than ever (Gulf Business, 2020). If
that individual's device does not have proper firewall settings and filters, the email may slip
through. A man-in-the-middle attack occurs when an attacker intercepts data somewhere along
the path between endpoints. Should the attacker have the tools and ability to decrypt the data, a
severe breach is imminent (Perspectiverisk, n.d.).
STIGs
The security technical implementation guide (STIG) pertaining to desktop applications
offers standards for the use of any device connected to the Department of Defense (DoD) or
other agencies. Standards found in the document relate to a variety of issues surrounding the
sensitivity of the data that users are exposed to and transmit in the course of day-to-day tasks.
The first point raised is the need for backups of all data. The document states that all users “may
not be creating mission sensitive data, their data does represent a resource, that if lost, could
result in a permanent loss of availability and productivity.” (DoD, 2017). The document also
references the dangers of peer-to-peer (P2P) sharing applications. Most often, these applications
do not transmit or receive information over secure connections, and the data may be more easily
intercepted.
Lab 7.1b
The document presented by Vaulted covers virtual private networks (VPNs) and their use
by the DoD and other agencies. Details are given on the configuration of VPN settings
as well as the devices that will be connected to the network via these
connections. Some of the topics discussed are listed below.
Security considerations for remote access and telework. With more and more employees
and users accessing the network remotely, it is crucial to keep data confidentiality,
integrity, and availability at a premium. To accomplish this, it is recommended that VPNs
be used and properly configured.
Assessment, enforcement, and remediation. To assess the security of the data travelling
across the VPN, the gateway should be configured to generate logs of any event that may
be seen as a threat. These logs should contain vital information such as event type, time
and date, and location. With this information in hand, changes can be made if needed and
further rules put into place. These new rules can then be enforced. The effects of an event
can be remedied, hopefully, with little to no harmful effects.
Endpoint security. The VPN should be configured so that it uniquely identifies each
network-connected endpoint device before allowing a connection. If this step is not taken,
unauthorized devices can connect to the network and may spread malicious content.
Security readiness. Should a worst-case scenario occur, the gateway should be
configured to fail to a known secure state. VPN gateways that fail unexpectedly with no
prior plan in place can leave the system available, but with reduced security (Vaulted,
2019).
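
The sketch below is an added example, not code from the Vaulted guide or from this paper. It shows three of the listed points working together: each endpoint is identified before admission, every decision produces a log record with event type, time, and location, and any internal error results in a deny. The device IDs, fingerprints, field names, and posture check are constructed assumptions.

```python
import hmac
from datetime import datetime, timezone

# Constructed registry (assumption): device ID -> enrolled certificate fingerprint.
REGISTERED_DEVICES = {"laptop-0042": "fp-aaaa1111", "laptop-0077": "fp-bbbb2222"}

def posture_ok(request):
    """Hypothetical posture check; raises KeyError if posture data is absent."""
    posture = request["posture"]
    return bool(posture["firewall_enabled"] and posture["patched"])

def decide(request, now=None):
    """Return (allowed, log_record) for one connection request (a dict)."""
    now = now or datetime.now(timezone.utc)
    # Start from the secure state: nothing is allowed until every check passes.
    allowed, event = False, "deny_internal_error"
    try:
        expected = REGISTERED_DEVICES.get(request.get("device_id"))
        presented = str(request.get("fingerprint", ""))
        if expected is None:
            event = "deny_unknown_device"
        elif not hmac.compare_digest(presented, expected):
            event = "deny_identity_mismatch"
        elif not posture_ok(request):
            event = "deny_posture"
        else:
            allowed, event = True, "allow"
    except Exception:
        # Fail closed: a broken check must never leave the gateway open.
        allowed, event = False, "deny_internal_error"
    # Log record with the fields the summary calls for: type, time, location.
    record = {
        "event_type": event,
        "timestamp": now.isoformat(),
        "source_ip": request.get("source_ip", "unknown"),
        "device_id": request.get("device_id", "unknown"),
    }
    return allowed, record

# Constructed sample requests (not real traffic).
SAMPLES = [
    {"device_id": "laptop-0042", "fingerprint": "fp-aaaa1111", "source_ip": "198.51.100.7",
     "posture": {"firewall_enabled": True, "patched": True}},
    {"device_id": "tablet-9999", "fingerprint": "fp-cccc3333", "source_ip": "203.0.113.9"},
    {"device_id": "laptop-0077", "fingerprint": "fp-bbbb2222", "source_ip": "198.51.100.8"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(decide(sample))
```

The third sample carries valid identity but no posture data, so the posture check raises and the request is denied rather than admitted with reduced security.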
Lab 7.1c
The document pertaining to the remote access policies details the specific controls and
rules that should be set for any device that will be connected to the secured network remotely.
The points emphasized are the need for strong encryption, documents that must be signed by
remote users, and what actions take place when a remote connection attempt is
made. First, encryption is an absolute must. Any data that is sent outside of the local
network should be encrypted to prevent unauthorized individuals from reading the data. Second,
with an unknown number of remote users, having user agreements and security checklists signed
by those users will help to ensure that the users know what is explicitly expected of them in
terms of use and security. Finally, the document outlines what will take place if a remote
connection request is presented and how it will be addressed. For example, if the connection
does not meet pre-determined parameters, it will be automatically terminated.
The second document which deals with remote endpoints classifies the importance of
certain protocols and processes by using a low/medium/high scale. It also gives clear
descriptions on how to avoid these scenarios. An example of low importance is that host-based
firewalls on endpoint devices will log all connections. A medium importance example is any
device that accesses a DoD network will not have a personal firewall installed. Finally, a high
importance example is the endpoint firewall will be configured to block all operationally needed
ports to prevent worms and other malware.
Lab 7.2
In summation, the remote access domain is both challenging and necessary. There are
certain steps that will need to be taken to ensure the security of the data moving through this
domain. First, and most importantly, is encryption. The assumption must be made that any
transmission can be intercepted at any time. Therefore, having that transmission encrypted will
help to ensure that it cannot be read by an unauthorized individual. Second, ensure that those
individuals who will be accessing the network remotely know what is expected of them in terms
of how to interact with the data and how to keep it secure. Third, have all the devices that will be
a part of the remote access updated and configured properly. Finally, have a firm backup plan in
place should any part of the network or data become compromised.
References
DoD (2017, July 28). Desktop apps general V4R5. Retrieved from
https://public.cyber.mil/stigs/downloads/
Gulf Business (2020, September 21). Organizations struggle to worsen spread the security
umbrella corporate to remote workers. Retrieved from
https://go-gale-com.libraryresources.columbiasouthern.edu/ps/retrieve.do?tabID=T003&resultListType=RESULT_LIST&searchResultsType=SingleTab&hitCount=1&searchType=AdvancedSearchForm&currentPosition=1&docId=GALE%7CA636059715&docType=Article&sort=RELEVANCE&contentSegment=ZGPN&prodId=ITOF&pageNum=1&contentSet=GALE%7CA636059715&searchId=R2&userGroupName=oran95108&inPS=true
Perspectiverisk (n.d.). Remote desktop service vulnerabilities. Retrieved from
https://perspectiverisk.com/remote-desktop-service-vulnerabilities/
Vaulted (2019, July 19). Virtual private network security requirements guide. Retrieved from
https://vaulted.io/library/disa-stigs-srgs/virtual_private_network_vpn_security_requirements_guide
Weiss, M. M., & Solomon, M. G. (2016). Auditing IT infrastructures for compliance (2nd ed.).
Burlington, MA: Jones & Bartlett Learning.