Your company has implemented a VPN for secure connectivity to the network when you are working off-site. Why is a VPN considered to be a secure connection?
A) A VPN uses wireless connections to communicate across the network.
B) A VPN encrypts all of the network traffic between your computer and the corporate network.
C) A VPN requires a username and password to access the network.
D) A VPN provides a temporary connection that cannot be tracked over time.
The answer: B) A VPN encrypts all of the network traffic between your computer and the corporate network.
A Virtual Private Network is designed to provide a highly secure encrypted connection between systems. When used with a remote computer, a VPN can provide access to a corporate network through encrypted connections. Most organizations will require a VPN connection when working off-site, and some environments that need additional internal security will even require VPN connectivity across internal WAN or LAN links.
The incorrect answers:
A) A VPN uses wireless connections to communicate across the network.
A VPN can communicate over any network connection, not just wireless connections. Although VPN connections normally encrypt information, using a VPN over a wireless connection isn’t why a VPN connection is considered secure.
C) A VPN requires a username and password to access the network.
Most VPN connections provide some method of authentication, but providing a username and password doesn’t provide inherent security for VPNs.
D) A VPN provides a temporary connection that cannot be tracked over time.
While most end-user VPN connections are temporary, many organizations will use VPN connections between sites that are always connected. The duration of the VPN connection isn’t representative of its overall security.
Want to know more? Watch “Securing Data.”What are the most important aspects to remember for securing your organization’s important data? In this video, we’ll show you some useful best practices for securing data through such methods as access controls, event logging, encryption, password management, and incident reporting. |