Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?

A.
Using a TACACS+ server.

B.
Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the
firewall.

C.
Setting modem ring count to at least 5.

D.
Only attaching modems to non-networked hosts.

Explanation:
Containing the dial-up security problem is conceptually easy: Put your RAS server outside your firewall in the
public security zone, and force legitimate users to authenticate with your firewall first to gain access to private
network resources. Allow no device to answer a telephone line behind your firewall. This eliminates dial-up as a
vector by forcing it to work like any other Internet connection.
Incorrect Answers:
A: Using a TACACS+ server would increase security, but using a firewall is a better solution.
C: Increasing the modem ring count setting would just minimally increase security.
D: To provide remote access the modems must be connected to the network.