GCIH · Question #671
Which of the following would be exposed to an attacker as a result of a remote employee attempting to connect to company resources without a VPN?
The correct answer is B. The employee's domain credentials. Without a VPN, a remote employee's authentication traffic to company resources traverses the public internet unprotected, exposing domain credentials to interception.
Question
Which of the following would be exposed to an attacker as a result of a remote employee attempting to connect to company resources without a VPN?
Options
- AThe employee's private key
- BThe employee's domain credentials
- CThe laptop's private key
- DThe laptop's encryption password
How the community answered
(52 responses)- A2% (1)
- B90% (47)
- C2% (1)
- D6% (3)
Why each option
Without a VPN, a remote employee's authentication traffic to company resources traverses the public internet unprotected, exposing domain credentials to interception.
Private keys used for certificates or encryption are stored locally on the device and are never transmitted over the network during standard domain authentication.
When a remote employee authenticates to company resources without a VPN, protocols such as NTLM transmit credential material over unencrypted or interceptable channels on the public internet. An attacker positioned to perform a man-in-the-middle attack or passive network sniffing could capture domain credentials or NTLM challenge-response hashes, which can then be relayed or cracked offline to compromise the account.
The laptop's private key is a locally stored cryptographic asset that is not sent across the network when a user connects to remote company resources.
Disk encryption passwords are used locally to unlock storage volumes at boot and are not transmitted over the network during remote resource authentication.
Concept tested: Domain credential exposure risk without VPN protection
Source: https://learn.microsoft.com/en-us/windows-server/remote/remote-access/vpn/vpn-top
Topics
Community Discussion
No community discussion yet for this question.