An educational institution would like to make computer labs available to remote students. The labs are used for
various IT networking, security, and programming courses. The requirements are:
1. Each lab must be on a separate network segment.
2. Labs must have access to the Internet, but not other lab networks.
3. Student devices must have network access, not simple access to hosts on the lab networks.
4. Students must have a private certificate installed before gaining access.
5. Servers must have a private certificate installed locally to provide assurance to the students.
6. All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?
A.
L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab
segment
B.
SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
C.
IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network
equipment
D.
Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing
equipment