Certified Ethical Hacker (CEH v10) — Question 107

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?

Answer options

• A. Firewall-management policy
• B. Acceptable-use policy
• C. Remote-access policy
• D. Permissive policy

Correct answer: C

Explanation

The Remote-access policy is the most relevant document to check regarding the use of dial-out modems, as it typically governs how remote connections to the network are established. The Firewall-management policy focuses on configuration and rules for firewalls, the Acceptable-use policy outlines acceptable behavior for users, and the Permissive policy is not a standard term for security policies.