CompTIA Security+ (SY0-501) — Question 559

A systems administrator needs to configure an SSL remote access VPN according to the following organizational guidelines:
✑ The VPN must support encryption of header and payload.
✑ The VPN must route all traffic through the company's gateway.
Which of the following should be configured on the VPN concentrator?

Answer options

• A. Full tunnel
• B. Transport mode
• C. Tunnel mode
• D. IPSec

Correct answer: C

Explanation

The correct answer is C, Tunnel mode, as it provides encryption for both the header and payload, ensuring secure communication through the VPN. The other options, such as Transport mode (B), do not encrypt the header, and Full tunnel (A) and IPSec (D) do not specifically address the requirement for SSL remote access in this context.