312-50V9 · Question #34
A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a di
The correct answer is C. Remote-access policy. A remote-access policy governs how users connect to the network remotely, including the use of dial-up modems, VPNs, and other remote connectivity methods.
Question
A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?
Options
- AFirewall-management policy
- BAcceptable-use policy
- CRemote-access policy
- DPermissive policy
How the community answered
(53 responses)- A2% (1)
- B4% (2)
- C94% (50)
Why each option
A remote-access policy governs how users connect to the network remotely, including the use of dial-up modems, VPNs, and other remote connectivity methods.
Firewall-management policy covers the rules and procedures for managing firewall configurations, not end-user remote access devices like modems.
Acceptable-use policy defines how users may use organizational IT resources in general and does not specifically address remote access methods like dial-out modems.
Remote-access policy defines the rules and requirements for all forms of remote connectivity to the organization's network, including dial-out modems, VPN connections, and similar technologies. Checking this policy allows the analyst to determine whether the installed dial-out modem violates approved remote access methods.
Permissive policy is a general security stance term, not a specific named policy document that would govern remote access device usage.
Concept tested: Remote-access policy governing dial-out modem usage
Source: https://www.sans.org/information-security-policy/
Topics
Community Discussion
No community discussion yet for this question.