A company implements an IPsec VPN to secure remote employee communications. After a penetration test, the security team finds that an attacker can still see employees' visited websites and read metadata about the connections. However, the actual payloads remain encrypted. What misconfiguration is most likely causing this issue? a) The company used IPsec in Transport Mode instead of Tunnel Mode. b) The VPN did not authenticate users properly before establishing encryption. c) The attacker exploited an AES timing attack to leak partial key information. d) The company used an outdated hashing algorithm in the IKE phase.

Crowdly

Додати до Chrome

✅ Перевірена відповідь на це питання доступна нижче. Наші рішення, перевірені спільнотою, допомагають краще зрозуміти матеріал.

A company implements an IPsec

VPN to secure remote employee communications. After a penetration test, the

security team finds that an attacker can still see employees' visited websites

and read metadata about the connections. However, the actual payloads remain

encrypted.

What misconfiguration

most likely causing this issue?

a) The company used IPsec in

Transport Mode instead of Tunnel Mode.

b) The VPN did not authenticate users properly before establishing encryption.

c) The attacker exploited an AES timing attack to leak partial key information.

d) The company used an outdated hashing algorithm in the IKE phase.

100%

Отримайте необмежений доступ до відповідей на екзаменаційні питання - встановіть розширення Crowdly зараз!

Додати до Chrome