300-320 · Question #7
A network manager wants to securely connect a new remote site to the existing headquarters site using a VPN technology that meets security requirements. Which VPN technology should be used?
The correct answer is B. IPsec. IPsec is the appropriate VPN technology for securely connecting two fixed sites over a WAN, providing encryption, authentication, and data integrity.
Question
A network manager wants to securely connect a new remote site to the existing headquarters site using a VPN technology that meets security requirements. Which VPN technology should be used?
Options
- AGRE
- BIPsec
- Cremote-access VPN
- DL2TP VPN
How the community answered
(36 responses)- A3% (1)
- B89% (32)
- C6% (2)
- D3% (1)
Why each option
IPsec is the appropriate VPN technology for securely connecting two fixed sites over a WAN, providing encryption, authentication, and data integrity.
GRE is a tunneling protocol that provides no encryption or authentication on its own, making it unsuitable when security requirements must be met.
IPsec provides a robust suite of security services - including data confidentiality via encryption (AES), data integrity via HMAC, and peer authentication via IKE - making it the standard choice for site-to-site VPN connectivity between a headquarters and a remote site. It operates at Layer 3 and can secure traffic transparently between two fixed endpoints without requiring client software on end hosts.
Remote-access VPN is designed for individual mobile users connecting to a corporate network, not for permanent site-to-site connectivity.
L2TP provides tunneling at Layer 2 but has no built-in encryption; it typically relies on IPsec for security, making it a more complex and less direct choice than IPsec alone.
Concept tested: IPsec site-to-site VPN security
Source: https://www.cisco.com/c/en/us/tech/security-vpn/ipsec-negotiation-ike-protocols/index.html
Topics
Community Discussion
No community discussion yet for this question.