When designing remote access to the Enterprise Campus network for teleworkers and mobile workers, which of the following should the designer consider?

When designing remote access to the Enterprise Campus network for teleworkers and mobile workers, which of the following should the designer consider?

When designing remote access to the Enterprise Campus network for teleworkers and mobile workers, which of the following should the designer consider?

A.
It is recommended to place the VPN termination device in line with the Enterprise Edge firewall, with ingress traffic limited to SSL only

B.
Maintaining access rules, based on the source IP of the client, on an internal firewall drawn from a headend RADIUS server is the most secure deployment

C.
VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in place

D.
Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick), including at Layer7

Explanation:

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

Saeed

Saeed

Page 422 Designing Cisco Network Service Architectures (ARCH) Foundation Learning Guide: (CCDP ARCH 642-874)

Tunnel-based VPNs (IPsec and SSL VPN clients) provide Layer 3 control at the protocol, port, and destination
IP level. Clientless SSL VPNs (WebVPN) can provide more granular Layer 7 access control, including URL-based access
or file server directory-level access control.

Reply