1 / 1100%
According to our textbook,Eective Cybersecurity: A Guide to Using Best Practices and
Standards, traffic securitu is based on the usual mechanisms for encryption and
authentication. All traffic should be encrypted and travel by secure means, such as
SSL or IP security (IPsec). Virtual private networks (VPNs) can be configured so that
all traffic between a mobile device and the organization's nwtowrk is via a VPN.
Some security/mitigation risks and assoicated with VPNs are as follows:
Insucient policies, traning, and awareness - wireless security controls must
include policies and user awareness training specically for wireless access which
include procedufres regarding uses of wireless devices and an understanding of
relevant risks.
Access constraints - A wireless access point transmits, at regular intervals, a
signal containing is Service Set Identier (SSID). Countermeasures include
enabling device security features, change default settings, such as default SSIDs
set by the manufacturer, and track empliyees who have WLANs at home or at a
remote site.
Rogue access points - Rogue access points are APs that users install without
coordination with IT. Access controls, encryption, and authetication procedures
enable IT to maintain control.
Trac analysis and eavesdropping - To counter this threat, it is necessary to use a
strong user authentication technique and to encrypt all trac.
Insucient network performance - Poor performance is due to an imbalance in the
use of access points, insucient capacity planning, or denial of service attack.
One way to mitigate this risk is to continually monitor network perforamce and
investigate any anomalies immediately.,
Hacker attack - Hackers attempt to gain unaurhorized access over wireless
networks. Intrusion detection systems, anti-virus software, and rewalls are
mitigation techniques.
Physical security deciencies - This is in the domain of physical security. Subject
both the network devices and mobile devices to physical secuirty policies and
procedures (2018).,
According to new research, from an attacker’s perspective, finding a VPN means
that they are close to a jackpot. It is easy to interpret for them that you are using a
VPN to protect your sensitive data. It is easy to overlook VPNs by presuming that
they are the most secure part of your network, and appear to be attractive targets for
attackers. Some reasons why VPN penetration testing is essential is because VPNs
provide a direct link to your organizational networks, your security controls must
prevent unauthorized individuals from accessing your data, and it helps you in
understanding how secure your remote access setup is (2021).
B. (2021, May 28).VPN penetration testing explained. BreachLock. Retrieved April 13,
2022, fromhttps://www.breachlock.com/vpn-penetration-testing-explained/
Stallings, W. (2018).Eective Cybersecurity: A Guide to Using Best Practices and
Standards(1st ed.). Addison-Wesley Professional.
Students also viewed