EC-Council
312-50V9 · Question #337
312-50V9 Question #337: Real Exam Question with Answer & Explanation
The correct answer is B: Remote access policy. A remote access policy specifically governs how users connect to internal corporate networks from outside, explicitly covering VPN requirements, authentication, and acceptable use.
Question
Which of the following security policies defines the use of VPN for gaining access to an internal corporate network?
Options
- ANetwork security policy
- BRemote access policy
- CInformation protection policy
- DAccess control policy
Explanation
A remote access policy specifically governs how users connect to internal corporate networks from outside, explicitly covering VPN requirements, authentication, and acceptable use.
Common mistakes.
- A. A network security policy addresses broader infrastructure protections such as firewall rules, intrusion detection, and network segmentation standards, but does not specifically govern the procedures and requirements for remote user access via VPN.
- C. An information protection policy focuses on classifying, labeling, and safeguarding sensitive data assets from unauthorized disclosure or alteration, not on defining the technical mechanisms or conditions for remote network connectivity.
- D. An access control policy defines authorization rules specifying which users or roles may access which resources, but does not prescribe the specific remote connectivity technologies or VPN usage procedures covered by a remote access policy.
Concept tested. Remote access policy scope and VPN governance
Reference. https://csrc.nist.gov/publications/detail/sp/800-46/rev-2/final
Community Discussion
No community discussion yet for this question.