What three things can authentication for IPsec be based upon?
What will be an ideal response?
The authentication for IPsec can be based on:
* Pre-shared key-This is a password that needs to be configured on both the VPN client and the remote access server. A pre-shared key is relatively easy to implement, but, since a single password is shared by all clients and the remote access server, this is not very secure.
* Certificates-If the VPN client and the remote access server have both been configured with certificates that are trusted, then certificate authentication can be used. This is more secure than a pre-shared key, but it can be awkward to deploy certificates to all of the VPN clients.
* Kerberos-Windows-based networks use Kerberos to authenticate users and computers. This same protocol can be used by IPsec. Using IPsec is only possible if the VPN client computer and the remote access server are members of the same Active Directory forest.
You might also like to view...
To select a theme from the Themes gallery, you must click on the Themes button in the Themes group on the ________ tab
A) Home B) Data C) Insert D) Page Layout
The f:ajax element's ________ attribute specifies a space-separated list of element ids for the elements that should be updated via partial page updates.
a. execute. b. render. c. send. d. display.