VPNs made headlines this week with a report of a severe flaw in a protocol that IPsec VPNs rely on. Test your knowledge of IPsec and SSL VPNs with this quiz, and click through to our additional resources to help you determine which technology best suits your organization's needs.
1.) Which type of VPN encryption sets up a secure, encrypted link between two points, but does not encrypt the headers of the data packets?
a. Transport encryption
b. Tunneling encryption
2.) Which of the following is a basic requirement of an SSL VPN?
a. Proxy access and protocol conversion
b. Remote-access orientation
c. Extranet support
d. Highly granular access controls
e. All of the above
3.) In which scenario is an IPsec VPN generally considered a better solution than an SSL VPN for remote access?
a. Telecommuters coming from fixed sites, using managed corporate devices and terminating in a secure, private network on either side.
b. Telecommuters without fixed access who want to come in from a variety of sites.
4.) Which layer of the network does an IPsec VPN operate on?
a. Layer 3
b. Layer 4
c. Layers 4 though 7
d. None of the above
5.) Which of the following operational modes is the simplest and most usable, as well as the most supported by SSL VPNs?
a. Application translation
b. Port forwarding
d. Network extension
6.) Which of the following describes an IPsec VPN?
a. Requires host-based clients and hardware at a central location. Users have full office functionality, but there's very little granularity in access control.
b. Does not require a client download. Remote connections made via a Web browser or a downloadable Java or ActiveX agent. Role-based access can be assigned for each user, and application and client administration is eliminated.
7.) True or False: SSL VPNs are inherently less secure than IPsec VPNs.
8.) Encapsulating Security Payload (ESP) allows for...
a. Authentication of the sender of data
b. Encryption of the data
c. Both authentication of the sender and encryption of the data
d. None of the above
9.) Which of the following features of SSL VPNs help avoid the risk of leaving sensitive information on public PCs used to access a corporate network?
a. Secure logout
b. Credential scrubbing
c. Auto forms completion disabling
d. All of the above
10.) What is the transmission of data through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network?
b. Virtual private network
c. Output feedback
d. Promiscuous mode