CompTIA
CAS-002 · Question #670
CAS-002 Question #670: Real Exam Question with Answer & Explanation
The correct answer is A: VPN concentrator. To enforce authenticated remote access and restrict external networks from reaching internal resources, a VPN concentrator and a firewall must be deployed at the perimeter.
Question
A company currently does not use any type of authentication or authorization service for remote access. The new security policy states that all remote access must be locked down to only authorized personnel. The policy also dictates that only authorized external networks will be allowed to access certain internal resources. Which of the following would MOST likely need to be implemented and configured on the company's perimeter network to comply with the new security policy? (Select TWO).
Options
- AVPN concentrator
- BFirewall
- CProxy server
- DWAP
- ELayer 2 switch
Explanation
To enforce authenticated remote access and restrict external networks from reaching internal resources, a VPN concentrator and a firewall must be deployed at the perimeter.
Common mistakes.
- C. A proxy server intermediates client web requests for caching or content filtering but does not provide remote access authentication or perimeter network access control.
- D. A WAP (Wireless Access Point) provides local wireless LAN connectivity and is not a perimeter device for securing remote access or restricting external network traffic.
- E. A Layer 2 switch operates at the data link layer to forward frames within a LAN segment and provides no authentication, authorization, or perimeter filtering capabilities.
Concept tested. VPN concentrator and firewall for perimeter security
Reference. https://learn.microsoft.com/en-us/windows-server/remote/remote-access/vpn/vpn-top
Community Discussion
No community discussion yet for this question.