What should be specified in a VPN security policy?
What will be an ideal response?
The policy should spell out who should have VPN access to your organizational network. For example, vendors might be granted access to the network through a VPN connection, but they may only be allowed to access information pertaining to their own company's accounts. The vendor VPN solution should have controls that allow the administrator to restrict where vendors can go on the organizational network. On the other hand, managers and full-time employees who access the network through a VPN while traveling should be granted more comprehensive access to network resources. The policy should also state whether authentication is to be used and how it is to be used, whether split tunneling (two connections over a VPN line) is permitted, how long users can be connected using the VPN at any one session, whether virus protection is included, and so on.
You might also like to view...
Match the following terms to their meanings:
I. OneDrive II. Desktop App III. Office 365 IV. SharePoint V. Office Store A. A version of Microsoft Office to which you subscribe for an annual fee B. A public marketplace for Office apps that Microsoft hosts and regulates C. Microsoft's free cloud storage for anyone with a free Microsoft account D. Collaboration software where people within an organization can manage documents and publish reports for others to see E. A computer program that installed on your PC and requires a computer operating system
Which one of the following is NOT a key component of a thorough personnel security program?
a. Background investigations b. Fire protection c. Exit procedures d. Monitoring