When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?
A. AH Tunnel mode
B. AH promiscuous
C. ESP transport mode
D. ESP confidential
EC-Council Certified Ethical Hacker v11Free dumps for 312-50v11 in Printable PDF format.High quality PDF and software. VALID exam to help you pass. |
From what I study from EC-Council e-book,
ESP – encrypts and optionally authenticates the entire inner IP packets while
AH – authenticates the entire inner IP packet and selected fields of the outer IP header
Therefore, i would choose ESP over AH. And since there’s no such thing as a ESP Confidential (not to my limited knowledge), the correct answer should be C – ESP Transport.
Answer correct
The Encapsulating Security Payload (ESP) protocol offers confidentiality.
Unlike AH, ESP does not provide integrity and authentication for the entire IP packet in transport mode. (But does provide confidentiality)
Wrong. The answer here is AH Tunnel mode. Only in tunnel mode is the entire packet encrypted. Transport mode is used when another tunneling protocol (e.g. GRE) is used to already provide encryption. Answer A is correct here.
Guessing – ESP Transport mode.
IPSec only has two modes: tunnel & transport. AH provides authentication; ESP provides privacy. I don’t see a ESP confidential mode/protocol anywhere.
http://www.tcpipguide.com
When transport mode is used, IPSec encrypts only the IP payload. Transport mode provides the
protection of an IP payload through an AH or ESP header. Encapsulating Security Payload (ESP)
provides confidentiality (in addition to authentication, integrity, and anti-replay protection) for the IP
payload.
When transport mode is used, IPSec encrypts only the IP payload. Transport mode provides the
protection of an IP payload through an AH or ESP header. Encapsulating Security Payload (ESP)
provides confidentiality (in addition to authentication, integrity, and anti-replay protection) for the IP
payload.
C is the right one