Operational Procedures: Given a scenario, use remote access technologies Flashcards
CompTIA A+ 220-1102 Exam Criteria
Why do we work with Remote Access Technologies?
Remote Desktop Protocol is a remote connection protocol that allows users to directly connect one device to a Windows OS device. Port 3389 is used for Remote Desktop Protocol. It is a built-in remote management tool in Windows 10. You can connect to another computer’s desktop using RDP, allowing you to work on the device remotely like you were sitting in front of it. You can troubleshoot issues and errors. Administrators can RDP to a Windows device and take over control of the system. Only one user can be signed in at a time, and the administrator takes precedence, and the user would be signed off. By default, the Remote Desktop feature is enabled in Windows 10.
Remote Assistance allows a user to request help from a technician. An email will be sent to the technician, and a password will have to be provided to secure the connection. Quick Assist is an update to Remote Assistance that allows a technician to give a code to users to help them. The user enters it on their machine, and a series of permission checks is done before the connection is made. Using either Remote Assistance or Quick Assist, the technician can simply view the user’s screen or take control of the computer. The user will be able to view the screen at all times.
How do you Secure a Remote Desktop Connection?
When users virtually connect to a Windows system from another computer, they have complete access to the operating system, even though they are not in front of it. Although Remote Desktop has practical usage in different scenarios, there are obvious security risks as well. For example, a hacker may gain access to the user’s credentials and attempt to connect to the system remotely.
Click the Start charm and type the following:
local security policy > Select Local Security Policy from the Best match pop-up menu.
In the Local Security Policy window, expand Local Policies on the left pane. > Select User Rights Assignment. > Double-click on the Allow log on through Remote Desktop Services policy on the right details pane.
On the Allow log on through Remote Desktop Services Properties dialog box, notice that there are two groups added on the Local Security Setting tab.
Any user who is part of these groups will be allowed remote access to the PLABWIN10 device. You can restrict access to a specific user account.
Select Administrators, press the Shift key and then select Remote Desktop Users.
Click Remove. > Both groups have now been removed.
Click Add User or Group.
From the Select Users, Computers, Service Accounts, or Groups dialog box, type the following for the Enter the object names to select field:
Administrator
Click Check Names.
In the Multiple Names Found dialog box, the Administrator user account is selected by default.
Back on the Select Users, Computers, Service Accounts, or Groups dialog box, notice that the Administrator account is now added. > Click OK.
On the Allow log on through Remote Desktop Services Properties dialog box, notice that the PRACTICELABS\Administrator account is now added. > Click OK.
What is Remote Assistance?
Microsoft Remote Assistance is a Windows utility that allows users to ask for assistance with invitations. The invitation can be sent as an attachment in an email or by using quick connect. The technician would then connect to the session and enter the password. At that point, they would be able to access the shared screen, and the user could receive the assistance they requested. Since the release of Quick Assist in Windows 10, Remote Assistance has been, in a way, decommissioned. Any easy links to it have been removed, and Quick Assist is now the preferred method.
What is Quick Assist?
Quick Assist is part of the Remote Desktop Protocol family and is also used to assist users. The user receives a code from the technician and can share their screen once the code is used. The technician then receives an invitation and has the option of just viewing or being able to control the machine. Once the selection is made, one last set of permissions is sent back to the user needing assistance to start the session. There are controls in the Quick Assist window to end a session and to take control back from the technician. Quick Assist was introduced in Windows 10 and is an update to Remote Assistance.
What is VNC?
Another type of Remote Desktop Connection is Virtual Network Computing. Different vendors provide VNC applications, several of which are open source. Virtual Network Computing is the process of connecting to a remote device to manage the device remotely. The local user connected to the device can see what the remote user is doing.
What is the fundamental difference between VNC and RDP?
The fundamental difference between VNC and RDP is that the local user will not see what the remote user is doing when an RDP session is initiated.
VNC gives a similar experience across all operating systems but with fewer features and capabilities than RDP. VNC is sluggish and ineffective for virtualization. VNC has the potential to be less secure than RDP. Both technologies give users the ability to troubleshoot issues for users and remotely connect for productivity. Users would use RDP if they needed to file share. Users would use VNC for uses like presentations. VNC will use port 5900 by default.
Why would you use Secure Shell Protocol?
Like RDP, Secure Shell (SSH) is a popular way to log on to and administer computers in a secure manner. SSH operates on three main principles:
The transport layer is responsible for server authentication
The user authentication protocol validates the user
The connection protocol creates the encrypted tunnel
It’s a secure alternative to insecure methods like Telnet, which sends information in plain text. Through encryption, SSH enables safe communication and preserves the integrity of data.
What is a VPN used for?
Virtual Private Networks are used to keep information private over unsecure networks. VPNs can be used to connect remote users to their offices, secure shopping and banking data, use public Wi-Fi, or maintain anonymity while browsing the Internet. The data remains hidden using encapsulation, tunneling and encryption. Users will connect to a Virtual Private Network server and will be authenticated. Any information that is then sent is encrypted and wrapped in another packet that is encrypted as well. Once the data is received on the other end, the outer packet is removed, and the information decrypted for use.
How to set up a VPN connection?
Right-click on the Start charm and select Settings. > From the Windows Settings window, select Network & Internet. > In the Settings window, select VPN on the left pane. > Click + Add a VPN connection on the VPN pane.
In the Add a VPN connection window, change the VPN provider drop-down to Windows (built-in).
Type the following:
Connection name: TestConnect
Server name or address: 192.168.255.13
Click Save. Back on the Settings - VPN pane, select Change adapter options under the Related settings section.
In the Network Connections window, right-click on TestConnect and select Properties.
From the TestConnect Properties dialog box, select the Networking tab.
On the TestConnect Properties - Networking tab, select Internet Protocol Version 4 (TCP/IPv4).
Select Properties.
On the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, you can set a static IP address instead of an automatically assigned IP address from the DHCP Server.
You can also set a DNS server and Alternate DNS Server statically.
Click Advanced. > On the Advanced TCP/IP Settings dialog box, deselect Use default gateway on remote network.
Click OK. > Back on the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click OK.
On the TestConnect Properties dialog box, select Internet Protocol Version 6 (TCP/IPv6).
Click Properties. > On the Internet Protocol Version 6 (TCP/IPv6) Properties dialog box, select Advanced.
On the Advanced TCP/IP Settings dialog box, deselect Use default gateway on remote network.
Click OK. > Click OK on the Internet Protocol Version 6 (TCP/IPv6) Properties dialog box. > On the TestConnect Properties window, click OK.
What is a VPN server?
A VPN Server is a server with VPN software installed that can be used by the end user’s device to establish a connection. The purpose of this server is to provide VPN services, such as encrypting and encapsulating the data packets. Once packaged, the packets will be securely delivered over the Internet to the intended destination. In theory, VPN Servers can handle about 4,000 connections. But when many connections are being used, the server’s response will be slow. Large organizations may want to consider additional VPN Servers in a Clustering and Load Balancing style management.
What is IPSEC on VPN Protocols?
This protocol secures messages by encrypting and authenticating them. Transport and Tunnelling Mode are the two functionalities that IPSEC offers. In Transport mode, encrypting and concealing the data is performed. The Tunnelling Protocol is responsible for securing data while it is being transported across the Internet to its destination.
What is L2TP?
This VPN protocol is not secure and needs to be paired with a security protocol like IPSEC, which will function at 256-bit encryption. L2TP will create the tunnel and connection between the two points using a Point-to-Point protocol, allowing networking equipment to communicate securely. It is reliable, robust, adaptable, and broadly compatible and can handle most types of data. A downside is that it functions at lower speeds than other VPN technologies. It is very commonly used for network-to-network connections.
What is PPTP?
This VPN technology is one of the original VPN options available and is based on the Point-to-Point Protocol. PPTP has built-in encryption and authentication, but it is not to the level of some of today’s other standards at only 128-bit encryption. This protocol is faster than L2TP. Although it can be used on the Internet, this protocol will likely be used inside an organization to secure traffic on the Local Area Network.
What are SSL and TLS?
On the Internet, SSL and TLS are used to offer security and are a main component in the Public Key Infrastructure. Originally, data was transmitted on the Internet in plain text. Higher security levels were required after the emergence of the World Wide Web. People were now shopping and banking online, as well as performing other tasks. SSL was created in 1995 by Netscape to help solve the problem with encryption and authentication. SSL is no longer supported and ended at version 3.0.
An update to SSL was needed. The Internet Engineering Task Force developed TLS 1.0 based on SSL 3.0 in 1999. The current version of TLS is version 1.3. The terms are used almost interchangeably in the industry, but there are slight differences. SSL is more complex; hence the cost of network and PC resources can be high. TLS uses new stronger ciphers when compared to SSL. TLS will provide alerts when there are bad certificates. The way the hashes are communicated for authentication is done differently.
What is OpenVPN?
OpenVPN is an open-source VPN. This protocol has a variety of ways to allow connections and authentication. It can be used for peer-to-peer use with pre-shared keys or multiple users authenticating with certificates. It uses the ciphers available in the SSL Library. It is compatible with all common operating systems today and is a very secure, very commonly used protocol.