Question

The company that you work for has recently had a security breech. During the recover and assessment, it was discovered that the malicious user used the company VPN to gain access to the network. Now your company would like to find a way to verify the identity of a user who requests access to the company through a VPN. What can you recommend to the company?

Answer 1

Answer:

I recommend Digital Certification of User through trusted certification Authority, who is requesting to access the company website through VPN to make sure the identity of the user.

Explanation:

Digital Certificate is the type of identity key or certificate that is assigned to the users as per their request. It is a unique number that is assigned to the user to ensure the authentication that Who are you. It is same like our identity card number that shows our identity to someone as per requirement.

These certificates are issued by certification organizations that are registered or trusted. If the users are using VPN on their devices to access some website that may not be a trusted user or a malware that can hurt the company by breaching the security protocols. So, some companies didn't allow untrusted users to websites.

Therefore, I recommend to my company that, they should ensure that the users that are trying to access the website through VPN must have some digital Certificate from trusted certification authority to ensure the identity of the users.