When designing remote access to the Enterprise Campus network for teleworkers and mobile workers, which of the following should the designer consider?
A.
It is recommended to place the VPN termination device in line with the Enterprise Edge firewall, with ingress traffic limited to SSL only
B.
Maintaining access rules, based on the source IP of the client, on an internal firewall drawn from a headend RADIUS server is the most secure deployment
C.
VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in place
D.
Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick), including at Layer7
My guess was also A. But you can find in the ARCH book (third edition):
"Tunnel-based VPNs (IPsec and SSL VPN clients) provide Layer 3 control at the protocol, port, and destination IP level. Clientless SSL VPNs can provide more granular Layer 7 access control, including URL-based access or file server directory-level access control."
So D is probably correct.
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.300-320 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
scar
5 years, 4 months agoasdf2021
5 years, 4 months ago