nerdexam
Cisco

300-320 · Question #7

A network manager wants to securely connect a new remote site to the existing headquarters site using a VPN technology that meets security requirements. Which VPN technology should be used?

The correct answer is B. IPsec. IPsec is the appropriate VPN technology for securely connecting two fixed sites over a WAN, providing encryption, authentication, and data integrity.

Advanced WAN Services

Question

A network manager wants to securely connect a new remote site to the existing headquarters site using a VPN technology that meets security requirements. Which VPN technology should be used?

Options

  • AGRE
  • BIPsec
  • Cremote-access VPN
  • DL2TP VPN

How the community answered

(36 responses)
  • A
    3% (1)
  • B
    89% (32)
  • C
    6% (2)
  • D
    3% (1)

Why each option

IPsec is the appropriate VPN technology for securely connecting two fixed sites over a WAN, providing encryption, authentication, and data integrity.

AGRE

GRE is a tunneling protocol that provides no encryption or authentication on its own, making it unsuitable when security requirements must be met.

BIPsecCorrect

IPsec provides a robust suite of security services - including data confidentiality via encryption (AES), data integrity via HMAC, and peer authentication via IKE - making it the standard choice for site-to-site VPN connectivity between a headquarters and a remote site. It operates at Layer 3 and can secure traffic transparently between two fixed endpoints without requiring client software on end hosts.

Cremote-access VPN

Remote-access VPN is designed for individual mobile users connecting to a corporate network, not for permanent site-to-site connectivity.

DL2TP VPN

L2TP provides tunneling at Layer 2 but has no built-in encryption; it typically relies on IPsec for security, making it a more complex and less direct choice than IPsec alone.

Concept tested: IPsec site-to-site VPN security

Source: https://www.cisco.com/c/en/us/tech/security-vpn/ipsec-negotiation-ike-protocols/index.html

Topics

#IPsec#site-to-site VPN#WAN security#VPN technologies

Community Discussion

No community discussion yet for this question.

Full 300-320 Practice