Register
A company has made it a spending priority to implement security architectures that will be resilient during an attack. Recent incidents have involved attackers leveraging latent vulnerabilities in cryptographic
54.6k views
2 votes
A company has made it a spending priority to implement security architectures that will be resilient during an attack. Recent incidents have involved attackers leveraging latent vulnerabilities in cryptographic implementations and VPN concentrators to be able to compromise sensitive information. Patches have been slowly released for these emergent vulnerabilities, leaving weeks to months of exposed and vulnerable attack surface.

Which of the following approaches would be BEST to increase enterprise resilience during similar future attacks?

A. Implement appliances and software from diverse manufacturers
B. Segment remote VPN users logically from the production LAN
C. Maximize open-source software to benefit from swifter patch releases
D. Upgrade the cryptographic ciphers used on the VPN concentrators

User Jeroen Coumans
by
7.9k points

1 Answer

4 votes

Final answer:

The best approach to increase enterprise resilience during future attacks involving latent vulnerabilities in cryptographic implementations and VPN concentrators is to implement appliances and software from diverse manufacturers. Segmenting remote VPN users logically from the production LAN is also a good strategy. Upgrading the cryptographic ciphers used on the VPN concentrators can improve security.

Step-by-step explanation:

The best approach to increase enterprise resilience during future attacks involving latent vulnerabilities in cryptographic implementations and VPN concentrators is to implement appliances and software from diverse manufacturers. By using products from different manufacturers, the company can reduce the risk of a single vulnerability affecting all their systems. This approach ensures that if one manufacturer's product is compromised, the others can still provide security.

Segmenting remote VPN users logically from the production LAN (option B) is also a good strategy, as it limits the potential damage that attackers can do by compromising a remote user's device.

Upgrading the cryptographic ciphers used on the VPN concentrators (option D) can improve security, but it should be done in combination with the other approaches mentioned above to ensure comprehensive resilience.

User Raymond Roestenburg
by
8.1k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

9.5m questions

12.2m answers

Other Questions

“What does it mean when we “rework” copyrighted material?”
The book shows how to add and subtract binary and decimal numbers. However, other numbering systems are also very popular when dealing with computers. The octal (base 8) numbering system is one of these.
Seven basic internal components found in a computer tower
describe an advance in technology that makes life more enjoyable. what discoveries contribute to this technology?
Disadvantages of using animation in advertising? advantages and disadvantages of using animation for education? advantages and disadvantages of using animation in entertainment?
Link Copied!