Mark work as a System Administrator for TechMart Inc. The company has a Windows-based
network. Mark wants to allow the remote travel agents to be able to access the corporate network
so that they are free to check email and post appointments that are booked for the particular day.
Mark has decided to permit the travel agents to use their home computers but he is required to be
assured that the information is not compromised by anyone because the security of client
information is on the top priority for him. Which of the following is a potential risk if the travel
agents will use their home computers for VPN access?

A.
VPN handles everything and encrypts the data.

B.
VPN does not allow the travel agents to use their home computers.

C.
VPN cannot prevent buffer overflow on the home computer from infecting the network.

D.
VPN cannot prevent potential viruses and malware on the home computer from infecting the
network.

Explanation:
In the above scenario, a potential risk is a viruses and malware attack because a VPN does not
prevent potential viruses and malware attack on the home computer from being infecting the entire
network. Mark can use the Direct Access that is a new feature with Windows 7 and Windows Server
2008 R2, to help in mitigating the potential risks.

Answer C is incorrect. Buffer overflow is a condition in which an application receives more data than
it is configured to accept. It helps an attacker not only to execute a malicious code on the target
system but also to install backdoors on the target system for further attacks. All buffer overflow
attacks are due to only sloppy programming or poor memory management by the application
developers. The main types of buffer overflows are:
Stack overflow
Format string overflow
Heap overflow
Integer overflow