A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports.
Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)
A.
Trusted Platform Module B.
A host-based firewall C.
A DLP solution D.
Full disk encryption E.
A VPN F.
Antivirus software.
AB.
A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports.
Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)
A.
Trusted Platform Module
B.
A host-based firewall
C.
A DLP solution
D.
Full disk encryption
E.
A VPN
F.
Antivirus software.
AB.
The pharmaceutical sales representative connecting to a public WiFi network creates a security risk, as the network is accessible to other devices and potential attackers. To prevent other devices on the network from directly accessing the laptop, the following two measures can be taken:
A. Trusted Platform Module (TPM): A TPM is a hardware security module that provides secure storage for cryptographic keys and other sensitive data. It helps to ensure that the laptop's hardware has not been tampered with, and can be used to authenticate the user and the system. However, TPM does not provide network-level security, and therefore, it should be used in conjunction with other security measures.
B. Host-based Firewall: A host-based firewall is software that controls incoming and outgoing network traffic on a specific device. It can block unauthorized access attempts from other devices on the network and allow only trusted connections. Host-based firewalls can be customized to block specific ports, protocols, or applications that are not required for the user's needs. It is important to note that a firewall only provides protection at the network level, and not for the data being transmitted or received.
C. Data Loss Prevention (DLP) solution: A DLP solution helps to prevent sensitive data from being leaked or lost by monitoring and controlling the flow of data within an organization. It can identify, monitor, and protect sensitive information, such as customer data or intellectual property, and can block unauthorized access to this information. However, DLP solutions are typically used within organizations and not on individual laptops.
D. Full Disk Encryption: Full disk encryption (FDE) is a process of encrypting all the data on a device's hard drive. It can protect the data in case of theft or loss of the device. FDE can prevent unauthorized access to the data on the hard drive, but it does not provide network-level security.
E. Virtual Private Network ( VPN): A VPN is a secure connection between two devices or networks over the internet. It encrypts the data being transmitted and provides a secure tunnel for the data to travel through. A VPN can prevent other devices on the public network from accessing the laptop and can also provide a secure connection to the internet.
F. Antivirus Software: Antivirus software is designed to detect, prevent, and remove malware and viruses from a computer system. It can help protect the laptop from malicious attacks or unauthorized access attempts. However, antivirus software does not provide network-level security.
In summary, the best measures to prevent other devices on the public network from accessing the laptop are host-based firewall and VPN. The host-based firewall can control incoming and outgoing network traffic and block unauthorized access attempts. A VPN can provide a secure connection between the laptop and the internet, preventing other devices on the public network from accessing the laptop.