Lab #7 – Assessment Worksheet
Students will research best practices for private-sector and public-sector authentication as it relates to e-commerce and online banking. They will then research best practices for remote access by employees over the public Internet, and by employees of city, county, state and federal governments, based on DoD standards for secure remote access. Multi-factor authentication and restrictions based on data type and sensitivity according to Data Classification Standards were discussed in previous labs and should be taken into consideration when investigating the use of RADIUS, TACACS+ and WLAN authentication methodologies.
Lab Assessment Questions & Answers
1. Is single-factor authentication acceptable for an Internet banking financial institution? Why or why not?
No. A single factor (normally a username and password) can be phished, guessed, captured by malware on the customer's computer or reused from a breach elsewhere, and once the password is stolen it alone gives full access to the account. FFIEC guidance treats single-factor authentication as inadequate when it is the only control for high-risk transactions such as viewing customer information or moving funds, so an Internet banking institution should require multi-factor authentication (something the customer knows combined with something they have or something they are) or equivalent layered controls for those transactions.
2. Explain the difference between Positive Verification and Negative Verification.
Positive verification confirms that the identifying information a customer supplies matches what a trusted third-party source holds about that person, for example a credit bureau record or a government-issued identity document. Negative verification checks that the supplied information has not previously been associated with fraud, for example by screening it against fraud databases or lists of compromised identities. The two are complementary: positive verification asks whether the applicant is who they claim to be, and negative verification asks whether that identity has already been misused, so neither one alone is sufficient.
3. What vulnerabilities are introduced by implementing a Remote Access Server?
A Remote Access Server places an authentication service and an entry point into the internal network on the public Internet, which enlarges the attack surface in several ways. The RAS software itself becomes a target: flaws such as remote code execution, heap or buffer overflows, and cross-site scripting in its management interface can let an attacker run arbitrary commands with the server's privileges or in the context of the targeted user, so an unpatched RAS is a direct route into the network. The credentials it accepts become a target for password guessing, brute force, credential stuffing and phishing of remote users. Compromised or unmanaged endpoints gain a path into the internal network, especially if split tunneling lets a machine sit on an untrusted network and the corporate network at the same time. Finally, weak or misconfigured encryption exposes remote sessions and their credentials to interception.
4. What is a recommended best practice when implementing a Remote Access Policy server user authentication service?
Require multi-factor authentication, and centralize the authentication decision in an AAA service (RADIUS or TACACS+) that is backed by the enterprise directory rather than by local accounts on the remote access server, so that account lockout, password policy, revocation and logging are enforced and recorded in one place.
5. Name at least 3 remote access protections or security controls that must be in place to provide secure remote access.
Authorized, authenticated secure remote access (a VPN with multi-factor authentication and device posture checks, with each user limited to the systems their role requires); traffic inspection and coordinated threat control (IDS/IPS and malware inspection applied to remote sessions, with split tunneling disabled so all traffic is inspected); centralized security management with enterprise-wide visibility and control (a single point of policy, logging and monitoring for every remote session); and encryption of every remote session with IPsec or TLS so that credentials and data are protected in transit.
6. When dealing with RADIUS and TACACS+ for authentication methods, what protocols are used at Layer 4 for each of these...
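As an added example, not part of the worksheet, the following Python builds a RADIUS Access-Request as defined in RFC 2865 (RADIUS is carried over UDP, authentication port 1812, accounting port 1813) and a TACACS+ authentication packet as defined in RFC 8907 (TACACS+ is carried over TCP port 49). Beyond the Layer-4 transport, it shows what each protocol actually protects on the wire: RADIUS hides only the User-Password attribute with an MD5 keystream keyed on the shared secret, leaving the username and every other attribute in cleartext, while TACACS+ obfuscates the entire packet body. Neither mechanism is modern encryption or provides integrity, which is why practitioners run both over a dedicated management network or inside an IPsec or TLS tunnel (RADIUS over TLS is standardized as RadSec, RFC 6614). The shared secret, key, username, password and session ID are constructed sample values.

```python
import hashlib
import os
import struct

# Layer-4 facts: RADIUS runs over UDP (RFC 2865), TACACS+ over TCP (RFC 8907).
RADIUS_AUTH_PORT = 1812      # UDP; 1813 is accounting (legacy 1645/1646)
TACACS_PLUS_PORT = 49        # TCP

ACCESS_REQUEST = 1           # RADIUS Code field value
ATTR_USER_NAME = 1
ATTR_USER_PASSWORD = 2


def _radius_password_xor(data, secret, request_authenticator, hiding):
    # RFC 2865 s5.2: 16-byte blocks XORed with MD5(secret + previous hidden
    # block), seeded by the Request Authenticator. The chain follows the hidden
    # bytes, so hiding chains on the output and revealing on the input block.
    out, prev = b"", request_authenticator
    for i in range(0, len(data), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = bytes(d ^ k for d, k in zip(data[i:i + 16], keystream))
        out += block
        prev = block if hiding else data[i:i + 16]
    return out


def radius_hide_password(password, secret, request_authenticator):
    """Zero-pad to a multiple of 16 bytes and obfuscate (keyed MD5 XOR, not AEAD)."""
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    return _radius_password_xor(padded, secret, request_authenticator, hiding=True)


def radius_reveal_password(hidden, secret, request_authenticator):
    """Server-side inverse; NUL padding is stripped (a password ending in NUL cannot round-trip)."""
    return _radius_password_xor(hidden, secret, request_authenticator, hiding=False).rstrip(b"\x00")


def build_access_request(identifier, username, password, secret, request_authenticator=None):
    """Code(1) Identifier(1) Length(2) Authenticator(16) + TLV attributes. Only
    User-Password is hidden; User-Name and every other attribute are cleartext."""
    if request_authenticator is None:
        request_authenticator = os.urandom(16)   # must be unpredictable per RFC 2865 s3
    attrs = b""
    for attr_type, value in ((ATTR_USER_NAME, username),
                             (ATTR_USER_PASSWORD, radius_hide_password(password, secret, request_authenticator))):
        attrs += struct.pack("!BB", attr_type, 2 + len(value)) + value
    return struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs)) + request_authenticator + attrs


def parse_access_request(packet, secret):
    """Server-side decode with the bounds checks a parser needs before walking attributes."""
    if len(packet) < 20 or packet[0] != ACCESS_REQUEST or struct.unpack("!H", packet[2:4])[0] != len(packet):
        raise ValueError("not a well-formed Access-Request")
    authenticator, attrs, pos, length = packet[4:20], {}, 20, len(packet)
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("bad attribute length")
        attr_type, attr_len = packet[pos], packet[pos + 1]
        value = packet[pos + 2:pos + attr_len]
        attrs[attr_type] = radius_reveal_password(value, secret, authenticator) if attr_type == ATTR_USER_PASSWORD else value
        pos += attr_len
    return {"identifier": packet[1], "authenticator": authenticator, "attrs": attrs}


def tacacs_plus_obfuscate(body, key, session_id, version=0xC0, seq_no=1):
    """RFC 8907 s4.5: XOR the whole body with a pseudo-pad of chained
    MD5(session_id + key + version + seq_no [+ previous digest]); self-inverse."""
    sid = struct.pack("!I", session_id)
    pad, prev = b"", b""
    while len(pad) < len(body):
        prev = hashlib.md5(sid + key + bytes([version, seq_no]) + prev).digest()
        pad += prev
    return bytes(b ^ p for b, p in zip(body, pad))


def build_tacacs_plus_packet(body, key, session_id, seq_no=1):
    """12-byte header: version 0xc0, type 1 (authentication), seq_no, flags 0
    (body obfuscated), session_id, body length; then the obfuscated body."""
    header = struct.pack("!BBBBII", 0xC0, 0x01, seq_no, 0x00, session_id, len(body))
    return header + tacacs_plus_obfuscate(body, key, session_id, 0xC0, seq_no)


if __name__ == "__main__":
    # Constructed sample values; real deployments use long random shared secrets.
    pkt = build_access_request(7, b"alice", b"correct horse battery staple", b"example-shared-secret")
    print("RADIUS UDP/%d, %d bytes, username visible: %s" % (RADIUS_AUTH_PORT, len(pkt), b"alice" in pkt))
    print("decoded:", parse_access_request(pkt, b"example-shared-secret")["attrs"])
```

Running the module shows the username in cleartext inside the RADIUS datagram while the password bytes are obfuscated; feeding the same packet to parse_access_request with a different secret yields garbage, which is how a weak or shared-across-devices secret translates directly into recoverable passwords for anyone who can capture the UDP traffic. The TACACS+ functions obfuscate the whole body, but the pseudo-pad is unauthenticated MD5 output, so the transport-level protections above still apply.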