Review Questions




1.

You are evaluating remote management options for your company. Your network administration staff and CSO are worried about spoofing attacks, eavesdropping, sniffing, and manipulation of data in packets sent through the remote management tools. What technology would you use to alleviate these concerns?

  A. Local administration only

  B. Strong encryption

  C. Strong authentication protocol

  D. Patch management policy


2.

You need to provide security for your remote management tools. Unfortunately, not all of the tools support strong authentication mechanisms and/or encryption. You have unsuccessfully searched for alternative tools. You need to perform remote management of these applications but also require security. What can you do to alleviate this problem?

  A. Install a secondary network for performing remote management only. The administrators would need to authenticate with the router to gain access to this network. This private network would alleviate many of the security risks associated with management over the normal network.

  B. Perform all management locally. This would ensure that nobody can infiltrate the remote management data.

  C. To prevent eavesdropping, create a policy that sets forth strict penalties for any employee sniffing the network.

  D. Use a Windows client to connect to the server you need to manage because it will automatically secure the connection.


3.

You currently use an MMC snap-in to manage your Windows Server 2003 Active Directory infrastructure. The communication from this snap-in needs to pass through a firewall that separates you from a branch office so you can manage a domain controller that is there. The management application uses RPC and LDAP (389) to communicate with the server. What ports would you need to open on the firewall for RPC?

  A. 110

  B. 135

  C. 23

  D. 3336


4.

Ann needs to set up remote management with a server. She does not want to worry about installing the proper management tools on the clients. She discovers that not all clients will support the management tools for the applications she and her fellow administrators use. She is also concerned about eavesdropping on network management data. What remote management tool should she use?

  A. Microsoft Management Console

  B. Remote Assistance

  C. Remote Desktop for Administrators

  D. Telnet


5.

What is the main purpose for using Remote Assistance to remotely manage networks?

  A. Remote Assistance provides administrators with a graphical user interface to manage a server as if they were sitting at the local console.

  B. Remote Assistance provides administrators with a command-line interface that is compatible with many servers and devices.

  C. Remote Assistance provides administrators with the ability to remotely assist end users with problems on their computers.

  D. Remote Assistance provides administrators with the ability to manage a server even after it has locked up in many cases.


6.

What are the security issues with using Telnet to perform remote management of servers or devices on the network?

  A. Telnet does not have a graphical user interface.

  B. Telnet is not supported by all devices or Windows by default.

  C. Telnet does not provide for encryption or strong authentication.

  D. Telnet only works over a serial connection.


7.

Which of the following can you perform using out-of-band management tools?

  A. Restart the server.

  B. Configure the IP address of the server.

  C. List the running processes on the server.

  D. Kill a process.

  E. Start a command prompt.

  F. Generate a stop error.

  G. All of the above.


8.

What is the main purpose of using Emergency Management Services (EMS) to remotely manage networks?

  A. EMS provides administrators with a graphical user interface to manage a server as if they were sitting at the local console.

  B. EMS provides administrators with a command-line interface that is compatible with many servers and devices.

  C. EMS provides administrators with the ability to remotely assist end users with problems on their computers.

  D. EMS provides administrators with the ability to manage a server even after it has locked up in many cases.


9.

What is the most effective way of handling serial connections to many servers and the most secure way to set up EMS for out-of-band remote management?

  A. Purchase a terminal concentrator that supports SSH. Connect the terminal concentrator to the servers through the network using SSH. Connect to the terminal concentrator from the management computer through a null serial connection. Physically secure the terminal concentrator in the server room with the servers.

  B. Purchase a terminal concentrator that supports Telnet. Connect the terminal concentrator to the servers through the network using Telnet. Connect to the terminal concentrator from the management computer through a null serial connection. Physically secure the terminal concentrator in the server room with the servers.

  C. Purchase a terminal concentrator that supports Telnet. Connect the terminal concentrator to the servers with null serial cables. Connect to the terminal concentrator from the management computer through Telnet. Physically secure the terminal concentrator in the server room with the servers.

  D. Purchase a terminal concentrator that supports SSH. Connect the terminal concentrator to the servers with null serial cables. Connect to the terminal concentrator from the management computer through SSH. Physically secure the terminal concentrator in the server room with the servers.


10.

What is the main purpose for using Remote Desktop to remotely manage networks?

  A. Remote Desktop provides administrators with a graphical user interface to manage a server as if they were sitting at the local console.

  B. Remote Desktop provides administrators with a command-line interface that is compatible with many servers and devices.

  C. Remote Desktop provides administrators with the ability to remotely assist end users with problems on their computers.

  D. Remote Desktop provides administrators with the ability to manage a server even after it has locked up in many cases.


Answers

1.

B. Strong encryption like RC4 128-bit encryption will prevent many of the most damaging attacks against remote management. You should consider encryption for all remote management tools that support it. If they don’t support it, you should consider implementing a VPN or other means of encrypting the remote management traffic.

2.

A. You would use a secondary, remote management–only network to keep the remote management traffic off the network on which it would be a greater risk. This is not as good as encrypting the information because administrators who have access to the network could view the information.

3.

B. Microsoft uses port 135 for DCOM RPCs that are supported by many snap-ins for the MMC. Port 110 is used for POP3, 23 is used for Telnet, and 3336 is just a random port.

4.

C. Remote Desktop for Administrators provides a remote interface that will let you interact with the server as if you were sitting at the server locally. This alleviates the need for Ann to distribute the proper management tools to the clients. The Remote Desktop client is supported by many different operating systems, but MMC snap-ins can sometimes be incompatible with the underlying operating system. Remote Desktop supports 128-bit RC4 encryption to prevent eavesdropping. It also provides for strong, integrated authentication with Windows. Remote Assistance is used to support users and generally not for remote management. Telnet does not provide any encryption, and passwords are sent over the wire in clear text.

5.

C. Remote Assistance is used to remotely provide assistance for a computer user. You can ask the user to allow you to see what they see and even chat with the user or take over their session and do a task for them while they watch.

6.

C. Telnet does not encrypt the authentication or administration traffic and is susceptible to eavesdropping. This is particularly troublesome when the tool is being used to remotely manage servers and devices because administrator passwords can be compromised or sensitive data could be captured. You would need to address security issues for using Telnet, which could involve using a secondary network for remote management, using a VPN to secure the traffic, or switching to SSH if supported. The question was about security, so the facts that Telnet does not have a graphical user interface and that it is not supported by all devices are not relevant. Telnet supports network connections and does not need a serial connection.

7.

G. All of these commands can be executed from the Special Administration Console to administer the server when connections through in-band means will not work.

8.

D. EMS is one of the out-of-band management tools provided with Windows Server 2003. These services let you connect, diagnose, and resolve server issues without having network access or even user mode access to the server. This means that you could connect to a locked-up server and reboot or diagnose the problem as long as kernel mode is still running.

9.

D. You would need to set up a terminal concentrator to more readily support many servers for out-of-band communication. When purchasing a terminal concentrator, you would want to look for one that supports SSH to provide logical security for the network connections.

10.

A. Remote Desktop for Administration is a popular way of providing remote in-band management to Windows Server 2003. It provides a graphical user interface that shows what is happening on the server, and all keyboard and mouse movements in the Remote Desktop window are sent to and handled on the server. With Remote Desktop, it’s as if you were sitting at the local server, but you still gain the productivity and convenience of remote administration.






MCSE: Windows® Server 2003 Network Security Design Study Guide (Exam 70-298)
ISBN: 0782143296
EAN: 2147483647
Year: 2004
Pages: 168
