IT Examiner School, Seaside, CA

Remote Access

Authenticate, Monitor, & Control

• Disable remote communications • Controlling access • Implement control over configurations at both ends • Logging and monitoring all remote access communications. • Secure remote access devices. • Restrict remote access during specific times. • Limit the applications available for remote access. • Use robust authentication methods for access and encryption to secure communications.

System Configuration/ Access

• Configuration based on standards o Industry/vendor • Configuration standards approvals o Senior mgmt., committee, board • Disable unnecessary ports/services • Change/disable default passwords/accounts • Automated tools used to enforce secure configuration