Which of the following is NOT a recommended best practice for securing Terminal Services and Remote Desktop?
Which of the following is NOT a recommended best practice for securing Terminal Services and Remote Desktop?
Allowing all TCP 3389 traffic through the external firewall is not a recommended best practice for securing Terminal Services and Remote Desktop. Doing so would expose the RDP port to the internet, making it an easy target for attackers who could scan for open ports and attempt to exploit vulnerabilities or conduct brute-force attacks. Securing this service typically involves limiting access through firewalls, using encryption like TLS, and adding additional layers of protection such as IPSec or VPNs to mitigate potential threats.
The correct answer is: B. Make sure to allow all TCP 3389 traffic through the external firewall. Allowing all TCP 3389 traffic through the external firewall would make the Terminal Services and Remote Desktop environment more vulnerable to attack. Hackers could scan the internet for open RDP ports and then attempt to brute-force or exploit vulnerabilities in RDP to gain access to systems. The other options are all recommended best practices for securing Terminal Services and Remote Desktop: Requiring TLS authentication and data encryption helps to protect data from being intercepted and decrypted by attackers. Using Group Policy to lock down the virtual desktops of thin-client users can help to prevent attackers from gaining access to systems, even if they are able to compromise the RDP connection. Using IPSec or a VPN in addition to the RDP encryption can provide an extra layer of security and help to protect against future RDP vulnerabilities.