A multinational enterprise uses an MPLS WAN to connect its global offices. The company wants to encrypt confidential traffic as it traverses the WAN, while still allowing the IDS/IPS sensors at key choke points to inspect that traffic for malicious activity.
Which of the following design approaches BEST satisfies both confidentiality and monitoring requirements?
A. Deploy full-mesh IPsec tunnels between all sites to ensure maximum privacy of traffic.
B. Implement TLS encryption from client to server for all applications, and disable packet inspection.
C. Use gateway-to-gateway VPN encryption within the MPLS backbone, and terminate the tunnels at trusted inspection points.
D. Encrypt traffic at Layer 2 using MACsec (802.1AE) to protect data across the WAN.