CompTIA Security+ (SY0-701) — Question 149

A security analyst scans a company's public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?

Answer options

• A. Changing the remote desktop port to a non-standard number
• B. Setting up a VPN and placing the jump server inside the firewall
• C. Using a proxy for web connections from the remote desktop server
• D. Connecting the remote server to the domain and increasing the password length

Correct answer: B

Explanation

The correct answer is B, as setting up a VPN and placing the jump server inside the firewall enhances security by ensuring that remote access is encrypted and controlled. Option A does not significantly improve security, while option C addresses web connections but not the overall access method. Option D may improve password security but does not restrict access effectively.