Which of the following is not a security goal for remote access?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
An automated login function for remote users would imply a weak authentication, thus certainly not a security goal.
Source: TIPTON, Harold.
F.
& KRAUSE, Micki, Information Security Management Handbook, 4th edition, volume 2, 2001, CRC Press, Chapter 5: An Introduction to Secure Remote Access (page 100).
Remote access is a method of accessing a computer or a network from a remote location, using various technologies such as the Internet, VPN, or dial-up. Security is a critical concern when it comes to remote access, as it involves transmitting sensitive data over public networks, which can be prone to attacks. Therefore, it is essential to ensure that remote access solutions meet certain security goals to protect against unauthorized access and data breaches.
The security goals for remote access typically include:
A. Reliable authentication of users and systems: This goal ensures that only authorized users and systems can access the network or resources. Authentication mechanisms, such as passwords, biometrics, or two-factor authentication, can be used to verify the identity of the user or system.
B. Protection of confidential data: This goal ensures that sensitive data is protected from unauthorized access or disclosure during transmission over public networks. Encryption mechanisms, such as SSL/TLS, IPSec, or VPN, can be used to secure the data.
C. Easy to manage access control to systems and network resources: This goal ensures that access control policies can be easily implemented and managed, allowing administrators to grant or revoke access to users or systems based on their roles or privileges.
D. Automated login for remote users: This goal is not a security goal for remote access. Although automated login can enhance user convenience and productivity, it can also increase the risk of unauthorized access or data breaches, as it bypasses authentication mechanisms.
Therefore, the correct answer to the question is option D - Automated login for remote users. It is not a security goal for remote access and may even compromise security. Instead, reliable authentication, protection of confidential data, and easy to manage access control are the essential security goals for remote access.