Remote Desktop Technologies

Question 1

What are common uses for remote desktop?

Answer 1

Laptop users at home with a slow link. They could establish a remote desktop connection to a PC in the office.
To configure or troubleshoot a computer.

Question 2

What are some security considerations you must resolve when allowing remote access?

Answer 2

Remote Access permissions should be granted using least privilege principals
The connection must use encryption (like VPN)
Server software supporting the connection must be safe from vulnerabilities.

Question 3

What is the run text for Remote Desktop?

Answer 3

mstsc.exe

Question 4

What is VNC?

Answer 4

Virtual Network Computing.
It is a freeware product with similar functionality to RDP.
Apple Screen Sharing uses VNC.
Works over TCP port 5900.

Question 5

What is NLA and what does it do?

Answer 5

Network Level Authentication.
Requires users to authenticate before establishing a full RDP session.
This protects the RDP server from attacks.

Question 6

What can you use to run a RDP on Linux?

Answer 6

XRDP.

Question 7

What is Remote Assistance?

Answer 7

AKA MSRA (Microsoft Remote Assistance)
Allows a user to ask for help from a technician or co-worker via an invitation file that is protected by a password.
The helper can open the file to connect over RDP and join the session.
There is a chat feature, and the helper can request control over the desktop.
Assigns a port dynamically from 49152 to 65535, so is difficult to configure a firewall securely to allow the connection.

Question 8

What is the run text for Remote assistance?

Answer 8

msra.exe

Question 9

What does the Quick Assist feature do?

Answer 9

An alt to Remote Assistance.
Works over HTTPS (443) port.
The helper must be signed in with a Microsoft account to offer assistance
The helper generates the password to provide the starter.

Question 10

What is WinRM and what does it do?

Answer 10

Windows Remote Management.
Allows systems to exchange and access management information across a network.
The WinRM console can be used to execute management commands on the system remotely.
A SOAP (Simple Object Access Protocol) base program so it relies on HTTP/HTTPS connections to communicate between systems.
Microsoft’s implementation of the WS-Management protocol.

Question 11

What are security concerns for WinRM?

Answer 11

Remote attackers executing their own commands against the network device.

Question 12

What does WinRM use to encrypt traffic?

Answer 12

Kerbos.

Question 13

How does Secure Shell SSH connect to a computer.

Answer 13

To a command interpreter (terminal).

Question 14

What are 2 common ways to authenticate the SSH server?

Answer 14

Password authentication
Public key authentication

Question 15

What is the difference between in-band and out-of-band management

Question 16

What are 2 general classes of tools that provide enterprise desktop monitoring and remote access?

Answer 16

Remote monitoring and management (RMM)- Used to centralize device management. Generally designed for used by managed service provides (MSP). Will be able to distinguish client accounts and provide support for recording and reporting billable support activity

Desktop management/Mobile device management (MDM)-Designed for deployment by a single organization. Focuses primarily on access control and authorization.

Question 17

What is SPICE?

Answer 17

Simple Protocol for Independent Computing Environments.
Provides a remote display system to monitor and interact with virtual machine environments across the internet.
Security of the machines is provided through options like Kerberos.

Question 18

List some file transfer software OS vendors have developed.

Answer 18

Airdrop- Apple
Nearby Sharing- Microsoft’s version of Airdrop
Nearby Share- Bluetooth enabled sharing for Android devices.

Question 19

What is a shortcut for quick assist?

Answer 19

CTRL + WINDOWS KEY + Q

Question 20

What is RMM?

Answer 20

Remote Managing and monitoring.
Allows you to perform tasks remotely like analyzing activity, receiving automated alerts, tracking device health etc.
A tool commonly used by MSP (managed Service Providers)- 3rd party company that remotely manages a clients IT infrastructure.