Home > Quiz: IPsec vs. SSL VPNs
Security Quiz:
EMAIL THIS LICENSING & REPRINTS

Quiz: IPsec vs. SSL VPNs

17 Nov 2005 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

VPNs made headlines this week with a report of a severe flaw in a protocol that IPsec VPNs rely on. Test your knowledge of IPsec and SSL VPNs with this quiz, and click through to our additional resources to help you determine which technology best suits your organization's needs.

1.) Which type of VPN encryption sets up a secure, encrypted link between two points, but does not encrypt the headers of the data packets?
a. Transport encryption
b. Tunneling encryption
Answer

2.) Which of the following is a basic requirement of an SSL VPN?
a. Proxy access and protocol conversion
b. Remote-access orientation
c. Extranet support
d. Highly granular access controls
e. All of the above
Answer

IPsec vs. SSL VPNs

Learn what an SSL VPN is and how it compares to existing IPsec-based solutions in this PowerPoint presentation

Read an overview of VPN options and remote access alternatives

IT pros weigh the benefits of SSL and IPsec VPNs
3.) In which scenario is an IPsec VPN generally considered a better solution than an SSL VPN for remote access?
a. Telecommuters coming from fixed sites, using managed corporate devices and terminating in a secure, private network on either side.
b. Telecommuters without fixed access who want to come in from a variety of sites.
Answer

4.) Which layer of the network does an IPsec VPN operate on?
a. Layer 3
b. Layer 4
c. Layers 4 though 7
d. None of the above
Answer

5.) Which of the following operational modes is the simplest and most usable, as well as the most supported by SSL VPNs?
a. Application translation
b. Port forwarding
c. Proxy
d. Network extension
Answer

6.) Which of the following describes an IPsec VPN?
a. Requires host-based clients and hardware at a central location. Users have full office functionality, but there's very little granularity in access control.
b. Does not require a client download. Remote connections made via a Web browser or a downloadable Java or ActiveX agent. Role-based access can be assigned for each user, and application and client administration is eliminated.
Answer

7.) True or False: SSL VPNs are inherently less secure than IPsec VPNs.
a. True
b. False
Answer

8.) Encapsulating Security Payload (ESP) allows for...
a. Authentication of the sender of data
b. Encryption of the data
c. Both authentication of the sender and encryption of the data
d. None of the above
Answer

9.) Which of the following features of SSL VPNs help avoid the risk of leaving sensitive information on public PCs used to access a corporate network?
a. Secure logout
b. Credential scrubbing
c. Auto forms completion disabling
d. All of the above
Answer

10.) What is the transmission of data through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network?
a. Tunneling
b. Virtual private network
c. Output feedback
d. Promiscuous mode
Answer

How'd you score?
9-10 correct: VPN virtuoso
6-8 correct: VPN savvy
3-5 correct: VPN novice
0-2 correct: Unversed in VPNs


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
IPSec
Is an IPsec VPN necessary when connecting remote servers that process financial transactions?
What ports should be opened and closed when IPsec filters are implemented?
DMVPN configuration: Is an additional firewall needed between the router and the Internet?
How should the ipseccmd.exe tool be used in Windows Vista?
Can Trojans and other malware exploit split-tunnel VPNs to infiltrate a network?
IPsec tunneling: Exploring the security risks
Should an IT staff be concerned with a network's physical security?
How expensive are IPsec VPN setup costs?
Do split-tunneling features make a VPN vulnerable?
Will securing a wireless LAN make the data link layer vulnerable?
IPSec Research

SSL
The Shortcut Guide to Extended Validation SSL Certificates
Product review: Array Networks SPX2000
How to test the security of personal details submitted to a website
Should enterprises implement a mandatory iPhone VPN?
Should iPhone email be sent without SSL encryption?
How to secure an FTP connection
Can Trojans and other malware exploit split-tunnel VPNs to infiltrate a network?
What are the risks of connecting a Web service to an external system via SSL?
What is the most secure way for application developers to manage cookies?
For a small office, what are the best, least expensive office servers with secure access?

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Internet Key Exchange  (SearchSecurity.com)
IPsec  (SearchSecurity.com)
network encryption  (SearchSecurity.com)
virtual private network  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts