nerdexam
EC-Council

312-50V10 · Question #199

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a di

The correct answer is C. Remote-access policy. A remote-access policy governs how users connect to the network remotely, including the use of dial-up modems, VPNs, and other remote connectivity methods.

Information Security and Ethical Hacking Fundamentals

Question

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?

Options

  • AFirewall-management policy
  • BAcceptable-use policy
  • CRemote-access policy
  • DPermissive policy

How the community answered

(24 responses)
  • A
    4% (1)
  • B
    4% (1)
  • C
    92% (22)

Why each option

A remote-access policy governs how users connect to the network remotely, including the use of dial-up modems, VPNs, and other remote connectivity methods.

AFirewall-management policy

A firewall-management policy governs the configuration and administration of firewalls, not end-user remote connectivity devices like modems.

BAcceptable-use policy

An acceptable-use policy defines appropriate use of organizational IT resources broadly, but does not specifically address remote access methods or connection technologies.

CRemote-access policyCorrect

The remote-access policy specifically defines what remote connection methods are permitted or prohibited, including dial-out modems, dial-in connections, and VPN usage. It establishes rules for how users in the organization may access internal resources or external networks through non-standard connections. A dial-out modem installed by an IT user is a remote access control concern that falls directly under this policy.

DPermissive policy

A permissive policy is a network traffic stance that allows all traffic by default unless explicitly denied, and is not a policy type that governs remote access hardware.

Concept tested: Remote access policy scope and applicability

Source: https://csrc.nist.gov/publications/detail/sp/800-46/rev-2/final

Topics

#remote access policy#dial-out modem#security audit#policy compliance

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice