
Lab #6 – Assessment Worksheet

Elements of a Remote Access Domain Policy


Course Name: IAP 301
Student Name: Đặng Nam Bình
Instructor Name: Mai Hoàng Đỉnh
Lab Due Date: June, 13
Remote Access Domain Risks & Threats | Risk Mitigation Tactic/Solution
Brute force user ID and password attacks | Restrict login attempts to five times. Require the use of complex passwords.
Multiple login retries and access control attacks | Limit login requests.
Unauthorized remote access to IT systems, applications, and data | Use an ID and password for login requests.
Privacy data or confidential data is compromised remotely | Encrypt the data or use a VPN for more secure data.
Data leakage in violation of existing Data Classification Standards | Encrypt the input data using a key that only the administrator can decrypt.
Mobile worker laptop is stolen | Utilize cameras for enhanced security and employ lockers to secure devices when not in use.
Mobile worker token or other authentication device lost or stolen | Lock the user account to restrict access until the token or authentication device is recovered. Administrators can generate a new authentication token if needed.
Remote worker requires remote access to medical patient online system through the public Internet | Use a VPN for a more secure connection.
Users and employees are unaware of the risks and threats caused by the public Internet | Educate users and employees through security awareness training about the risks and threats associated with the public Internet.

ABC Healthcare Provider


Policy Statement

A Remote Access Policy outlines and defines the acceptable methods for remotely connecting to an
organization's internal network. This policy is crucial for large organizations with geographically
dispersed networks that extend into insecure environments, such as public networks or unmanaged home
networks.

Purpose/Objectives

The objectives of a remote access policy are to protect corporate data from hackers, malware, and other
cyber security threats while enabling employees to work from remote locations.

Scope

This policy applies to all staff involved in accessing, configuring, managing, and supporting remote
connectivity to the network.

Standards

The Remote Access Standard aims to define approved methods for securely accessing resources and
services remotely.

Procedures

Staff must contact the help desk to obtain approved methods and software for remote system access.
Those accessing systems remotely are responsible for ensuring their mobile devices comply with
applicable policies. All devices must be inspected by the help desk before use to verify they have the
latest security patches and antivirus updates. Users with remote access privileges must use their
connections exclusively for work-related purposes, consistent with on-site network use.

Secure remote access must be strictly controlled. The information security team will determine the
appropriate access methods and hardening technologies, which may include two-factor authentication,
smart cards, or PKI technology with strong passphrases. All user passwords must be strong and adhere to
the guidelines and procedures outlined in the Access Control and Password Policy.

Guidelines

Data and network encryption standards

Information security and confidentiality

Email usage

Physical and virtual device security

Network connectivity

VPN access

Lab Assessment Questions & Answers


What are the biggest risks when using the public Internet as a WAN or transport for remote
access to your organization's IT infrastructure?

One of the risks associated with using Wi-Fi is that hackers can often position themselves between the
user and the endpoint connection. Once they gain access to your information and privacy, they can exploit
it.

Why does this mock healthcare organization need to define a Remote Access Policy to
properly implement remote access through the public Internet?

A VPN is essential when users need to access organizational resources over the public internet.

What is the relationship between an Acceptable Use Policy (AUP) and a Security
Awareness & Training Policy?

The acceptable use policy is a part of the broader security awareness and training policy. It outlines
permissible and prohibited activities for users on company resources, while the security awareness and
training policy addresses security practices across the entire organization.

One of the major prerequisites for this scenario was the requirement to support nurses and
healthcare professionals that are mobile and who visit patients in their homes. Another
requirement was for remote clinics to access a shared patient medical records system via a
web browser. Which type of secure remote VPN solution is recommended for these two
types of remote access?

Nurses and healthcare professionals utilize Remote Access VPN, while Site-to-Site VPN is used for other
purposes.

When trying to combat unauthorized access and login attempts to IT systems and
applications, what is needed within the LAN-to-WAN Domain to monitor and alarm on
unauthorized login attempts to the organization’s IT infrastructure?

Using a router for monitoring and a firewall for detection, alarms are sent to the administrator.

Why is it important to educate mobile workers and users about the risks, threats, and
vulnerabilities when conducting remote access through the public Internet?

Their ID and password can potentially be compromised when attempting to log in to Remote Access.

Why should social engineering be included in security awareness training?

Because it aids in defending against sophisticated phishing attacks, it is important to educate and train
your employees to prevent social engineering attacks.

Which domain (not the Remote Access Domain) throughout the seven domains of a typical IT
infrastructure supports remote access connectivity for users and mobile workers needing to
connect to the organization's IT infrastructure?

WAN Domain

Where are the implementation instructions defined in a Remote Access Policy definition?
Does this section describe how to support the two different remote access users and
requirements as described in this scenario?

The implementation instructions are defined in the Remote Access Domain.

A remote clinic has a requirement to upload ePHI data from the clinic to the organization’s
IT infrastructure on a daily basis in a batch-processing format. How should this remote
access requirement be handled within or outside of this Remote Access Policy definition?

Remote access requirements should be managed by authorized members of the company, and VPN user
access can be facilitated through the use of Active Directory for other users.

Why is a remote access policy definition a best practice for handling remote employees and
authorized users that require remote access from home or on business trips?

Implementing a remote access policy is considered a best practice for managing remote employees and
authorized users, as it provides secure and flexible network access from any location.

Why is it a best practice of a remote access policy definition to require employees and users
to fill in a separate VPN remote access authorization form?

Implementing a remote access policy is considered a best practice because it ensures non-repudiation of
users, allowing only authorized individuals to access important documents.

Why is it important to align standards, procedures, and guidelines for a remote access
policy definition?

Aligning standards, procedures, and guidelines for a remote access policy is crucial to maintain data
confidentiality as mandated by law.

What security control, monitoring, and logging should be enabled for remote VPN access
and users?

Security controls, monitoring, and logging should be enabled for remote VPN access. Users must undergo
multifactor authentication. Account and computer audit policies should be in place to monitor activity.
Administrators will send access requests or notifications for logging events.
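The two controls named on this worksheet that are concrete enough to exercise in code are the "restrict login attempts to five times" tactic in the risk table and the account audit and administrator notification control in this answer. The following is an added example, not part of the lab worksheet or of any product: it parses a few constructed VPN gateway log lines (the log format, user names and addresses are all made up here), counts failed logins per user inside an assumed 15-minute sliding window, locks the account at the fifth failure, denies further attempts until an administrator clears the lock, and emits the audit events an administrator would be notified of.

```python
"""Added example: brute-force lockout and alerting over constructed VPN auth logs.

Not part of the lab worksheet. Implements the table's "restrict login attempts
to five times" tactic and the audit/alerting control from the monitoring question
as a small detection routine over sample log lines constructed here.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample VPN gateway log lines (hypothetical format, not from any real product).
SAMPLE_LOG = """\
2024-06-10T08:00:01Z vpn-gw auth user=nurse01 src=203.0.113.5 result=FAIL
2024-06-10T08:00:03Z vpn-gw auth user=nurse01 src=203.0.113.5 result=FAIL
2024-06-10T08:00:05Z vpn-gw auth user=nurse01 src=203.0.113.5 result=FAIL
2024-06-10T08:00:07Z vpn-gw auth user=nurse01 src=203.0.113.5 result=FAIL
2024-06-10T08:00:09Z vpn-gw auth user=nurse01 src=203.0.113.5 result=FAIL
2024-06-10T08:00:11Z vpn-gw auth user=nurse01 src=203.0.113.5 result=SUCCESS
2024-06-10T08:05:00Z vpn-gw auth user=clinic-rx src=198.51.100.7 result=FAIL
2024-06-10T08:05:30Z vpn-gw auth user=clinic-rx src=198.51.100.7 result=SUCCESS
2024-06-10T09:30:00Z vpn-gw auth user=admin2 src=192.0.2.9 result=FAIL
2024-06-10T09:30:01Z vpn-gw auth user=admin2 src=192.0.2.9 result=FAIL
2024-06-10T10:30:01Z vpn-gw auth user=admin2 src=192.0.2.9 result=FAIL
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) vpn-gw auth user=(?P<user>\S+) src=(?P<src>\S+) "
    r"result=(?P<result>FAIL|SUCCESS)$"
)

MAX_FAILURES = 5                 # the worksheet's "five attempts" threshold
WINDOW = timedelta(minutes=15)   # assumed sliding window for counting failures


def parse_line(line):
    """Parse one constructed log line into a dict, or return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return {"ts": ts, "user": m["user"], "src": m["src"], "result": m["result"]}


def evaluate(log_text, max_failures=MAX_FAILURES, window=WINDOW):
    """Return (locked_users, alerts).

    locked_users: set of user IDs that reached max_failures within `window`.
    alerts: list of audit events an administrator would be notified of.
    Once locked, every further attempt (even one with the correct password) is
    denied until an administrator clears the lock, as the table's mitigation asks.
    """
    recent_failures = defaultdict(list)
    locked = set()
    alerts = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        user, ts = ev["user"], ev["ts"]
        if user in locked:
            alerts.append(f"{ts.isoformat()} DENIED locked account {user} from {ev['src']}")
            continue
        if ev["result"] == "FAIL":
            # keep only the failures that still fall inside the sliding window
            recent_failures[user] = [t for t in recent_failures[user] if ts - t <= window]
            recent_failures[user].append(ts)
            if len(recent_failures[user]) >= max_failures:
                locked.add(user)
                alerts.append(
                    f"{ts.isoformat()} LOCKOUT {user} after {max_failures} failures from {ev['src']}"
                )
        else:
            recent_failures[user].clear()   # a successful login resets the counter
    return locked, alerts


if __name__ == "__main__":
    locked_users, audit_events = evaluate(SAMPLE_LOG)
    print("locked:", sorted(locked_users))
    for event in audit_events:
        print(event)
```

On the sample above only nurse01 is locked: five failures arrive within the window and the later successful login is denied and logged. admin2 shows why the window matters: two failures at 09:30 and one at 10:30 never reach the threshold because the older ones age out, while a fixed lifetime counter would eventually lock a legitimate user who occasionally mistypes a passphrase.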

Should an organization mention that they will be monitoring and logging remote access use
in their Remote Access Policy Definition?

Yes, it is important for an organization to include provisions in its remote access policy stating that
monitoring and logging of remote access use will occur. This promotes transparency and ensures that
employees are aware of the policy.
