
Virtual Private Network (VPN) is a generic term that refers to the use of public or private networks to interconnect separated network users so that they may communicate as if on a private network. Which of the following is least likely to be implemented to support VPN? (Wentz QOTD)
A. Interconnect LAN segments over a packet-switched network as one single LAN.
B. Encapsulate a MAC frame in UDP to create an overlay network or tunnel.
C. Use a delivery protocol operating equal to or higher than the payload to create a tunnel.
D. Encapsulate IPsec traffic in tunnel mode using ESP to enforce end-to-end confidentiality.
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is __.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security, a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.
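Virtual Private Network (VPN) is a generic term that refers to the use of public or private networks to interconnect separated network users so that they can communicate as if on a private network. Which of the following is least likely to be implemented to support VPN? (Wentz QOTD)
A. Interconnect LAN segments into one LAN over a packet-switched network.
B. Encapsulate a MAC frame in UDP to create an overlay network or tunnel.
C. Use a delivery protocol that operates at a level equal to or higher than the payload to create a tunnel.
D. Encapsulate IPsec traffic in tunnel mode using ESP to enforce end-to-end confidentiality.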