A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company’s internal network. Which of the following can be implemented to minimize the opportunity for the man-in-the-middle attack to occur?
A. SSL
B. Mutual authentication
C. IPSec
D. Static IP addresses
EC-Council Certified Ethical Hacker v11Free dumps for 312-50v11 in Printable PDF format.High quality PDF and software. VALID exam to help you pass. |
Here’s a thought, not enough details 🙂
You could potentially DROWN or FREAK against an SSL VPN and it is likely to cause problems OR use a 100% valid certificate and cause some DNS poisoning or hack a host file, and have them point to YOUR VPN head-end instead, and IKEv1 IPSec tunnels can now be broken into.
Let’s get some better context if this is a real question…