Studying for 501 and this question has got me stumped - tunelling with MAC visible over the net

eurotechieeurotechie Posts: 2Member ■□□□□□□□□□
Hi,
 I can't figure out the answer to the question below. Could someone please advise:

A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC address to be visible across the tunnel?

A.Tunnel mode IPSec
B.Transport mode VPN IPSec
C.L2TP
D.SSL VPN
Answer: D

I'm thinking the answer should B, but I'm not sure. SSL VPN just sounds too vague. Some advice would be appreciated...

Comments

  • yoba222yoba222 Posts: 1,053Member ■■■■■■■□□□
    I didn't even know you could do that. All my MAC address scanning tools seem useless whenever I'm VPNed into a network and I just assumed it was not possible. Curious to know the answer.
    2017: GCIH | LFCS
    2018: CySA+ | PenTest+ |CCNA CyberOps
    2019: VHL 20 boxes
    2020: OSCP | CISSP
  • deadjoedeadjoe Posts: 23Member ■■□□□□□□□□
    edited October 21
    All four can use certs for auth. A and C use Layer 3 routing. B is host-to-host not site-to-site.

    OpenVPN is an example of an SSL VPN that can do Layer 2 bridging site-to-site.

    I don't like this question though. It's too difficult for Security+.
  • eurotechieeurotechie Posts: 2Member ■□□□□□□□□□
Sign In or Register to comment.