Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane?

– by 1

Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane? (Choose two.)
A. certificates
B. transport locations
C. authentication headers
D. encapsulation security payload
E. TPM chip

cisco-exams

One thought on “Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane?

  1. C , D

    ESP and AH

    Integrity—To guarantee that data traffic is transmitted across the network without being tampered with, the data plane implements several mechanisms from the IPsec security protocol suite:

    The ESP protocol encapsulates the payload of data packets.
    The HMAC-SHA1 algorithm, which is used by the IPsec AH protocol, combines a keyed-hash authentication code with SHA-1 cryptography to ensure data integrity. AH encapsulates the non-mutable fields in the outer IP header and the payload of data packets. You can configure the integrity methods supported on each vEdge router, and this information is exchanged in the router’s TLOC properties. If two vEdge peers advertise different authentication types, they negotiate the type to use, choosing the strongest method.
    The anti-replay scheme protects against attacks in which an attacker duplicates encrypted packets.

    3
    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.