Bob is a new security administrator at a financial institution. The organization has experienced some suspicious activity on one

admin2013-12-19  34

Question: Bob is a new security administrator at a financial institution. The organization has experienced some suspicious activity on one of the critical servers that contain customer data. When reviewing how the systems are administered, he uncovers some concerning issues pertaining to remote administration. Which of the following should not be put into place to reduce these concerns?
i. Commands and data should not be sent in cleartext.
ii. SSH should be used, not Telnet.
iii. Truly critical systems should be administered locally instead of remotely.
iv. Only a small number of administrators should be able to carry out remote functionality.
v. Strong authentication should be in place for any administration activities.

Options
A. i, ii
B. None of them
C. ii, iv
D. All of them

Answer: B

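Explanation: B is correct. To carry out remote administration activities properly, all of these countermeasures should be put into place.
A is incorrect because sensitive commands and data should not be sent to critical systems in cleartext (that is, they need to be encrypted). For example, SSH should be used, not Telnet. SSH is a network protocol for secure data communication. It allows remote shell services and command execution between two networked systems, as well as other secure network services. It was designed to replace Telnet and other insecure remote shell protocols (such as the Berkeley rsh and rexec protocols), which send information, notably passwords, in cleartext and so leave it susceptible to interception and disclosure.
C is incorrect because sensitive commands and data should not be sent in cleartext (that is, they need to be encrypted). For example, SSH should be used, not Telnet. Truly critical systems should be administered locally instead of remotely. Only a small number of administrators should be able to carry out remote functionality.
D is incorrect because, to carry out remote administration activities properly, all of these countermeasures should be put into place.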