Which policy change would prevent unsecured remote access?

• A. Disable unsecured remote access such as Telnet and require SSH/VPN.
• B. Enable Telnet for ease of use.
• C. Use FTP for remote access.
• D. Allow remote access with default credentials.

Answer: (A)

This question tests how to prevent unsecured remote access by eliminating unencrypted protocols and enforcing secure channels. Telnet transmits login data in plaintext, so credentials can be captured over the network. FTP also sends credentials and data without proper encryption, making remote access risky. Replacing these with SSH for remote login and a VPN for network access creates encrypted channels that protect both authentication and data in transit.

By disabling unsecured remote access and mandating SSH or VPN, you block the insecure pathways attackers would exploit. Enabling Telnet would keep the risk, using FTP for remote access still exposes credentials, and relying on default credentials is highly vulnerable to simple guesses. The best policy is to enforce secure methods like SSH and VPN and deny unsecured ones.