3.2 Secure Network Communication Technologies (VPN, SD-WAN, and SASE)

Question 1

What is the primary function of a Virtual Private Network (VPN)?

Answer 1

To enable secure communication back to corporate network resources from a remote location.

Question 2

What key action does a VPN perform on private data?

Answer 2

It encrypts all private data and sends it securely across a public network.

Question 3

What is a VPN concentrator?

Answer 3

A purpose-built device or capability that acts as the secure endpoint for remote users connecting via the encrypted VPN link.

Question 4

What is the main responsibility of a VPN concentrator?

Answer 4

Managing the connections and decrypting the secure traffic upon arrival.

Question 5

How is a packet ‘tunneled’ in an IPsec VPN connection?

Answer 5

The original IP header and private data are encrypted, a new IPsec header and trailer are added, and a new outer IP header points to the concentrator’s IP address.

Question 6

Why are SSL/TLS VPNs effective at passing through existing network firewalls?

Answer 6

They use the same protocol and TCP port (443) as encrypted web server traffic, which is typically allowed by firewalls.

Question 7

What is a typical use case for an SSL/TLS VPN?

Answer 7

Remote access communication from a single device, such as a laptop.

Question 8

How does an SSL/TLS VPN setup differ from a site-to-site VPN?

Answer 8

An SSL VPN typically relies on common login credentials rather than requiring digital certificates or shared passwords.

Question 9

How does an organization create a ‘site-to-site’ connection using an IPsec VPN?

Answer 9

By configuring the firewalls at both remote locations to act as the VPN endpoints, automatically building an encrypted tunnel between the sites.

Question 10

What motivated the development of SD-WAN?

Answer 10

To address the challenges of connecting efficiently to distributed, cloud-based applications.

Question 11

How does SD-WAN differ from traditional centralized network designs?

Answer 11

It creates flexible, dynamic networks optimized for application access rather than centralizing all communication through an on-premises data center.

Question 12

What network inefficiency does a traditional WAN structure create?

Answer 12

Remote sites must communicate to a centralized data center before reaching cloud applications, increasing latency.

Question 13

What does SASE stand for?

Answer 13

Secure Access Service Edge.

Question 14

What is the role of SASE in relation to VPN technology?

Answer 14

It integrates security services directly into the cloud next to applications, allowing secure connections to cloud-based services.

Question 15

How might an organization combine multiple secure communication technologies?

Answer 15

By using SSL VPNs for remote access and IPsec site-to-site VPNs for branch offices, while implementing SD-WAN and SASE for optimized cloud traffic.

Question 16

Fill in the blank: A VPN is a secure form of communication that _______ all private data and sends it across a public network.

Answer 16

encrypts

Question 17

What is the function of encryption in a VPN?

Answer 17

To convert data into a coded format to prevent unauthorized access.

Question 18

Define IPsec.

Answer 18

A suite of protocols used to secure IP communication by authenticating and encrypting each IP packet.

Question 19

What is tunneling?

Answer 19

The process of encapsulating one type of network protocol within another to allow secure transmission.

Question 20

What is the standard TCP port used for SSL/TLS?

Answer 20

443