Attackers have come to leverage exploits precipitated by system vulnerabilities and lapses by using malware which otherwise tends to be noisy as it generates un- usual network traffic and system calls. Such noise is usually captured by intrusion detection systems. Therefore, malware-free intrusions which generate little noise if any at all, are especially attractive to APT actors because they covertly use normal applications making it hard for intrusion detection systems. In this paper, we consider malware-free intrusions by formulating representations of system security states using Boolean logic in the scenario of a backdoor attack utilizing system implementation of pre-authentication services. We further derive, from the generated attack scenarios, a Bayesian security assessment model based on the environmental parameters of the experimental test-bed based on the backdoor attack via RDP-based remote access. The malware-free intrusion based on RDP backdoor attack is successfully run on five different versions of operating systems.