Computer Networks Questions & Answers – AH and ESP Protocols


This set of Computer Networks Questions and Answers for Experienced people focuses on “AH and ESP Protocols”.

1. Which mode of IPsec should you use to assure the security and confidentiality of data within the same LAN?
a) AH transport mode
b) ESP transport mode
c) ESP tunnel mode
d) AH tunnel mode

Answer: b
Explanation: ESP transport mode should be used to ensure the integrity and confidentiality of data that is exchanged within the same LAN. ESP tunnel mode is comparatively more secure and should be used to assure the security of the data within different LANs.

2. Which two types of encryption protocols can be used to secure the authentication of computers using IPsec?
a) Kerberos V5
b) SHA
c) MD5
d) Both SHA and MD5

Answer: d
Explanation: SHA or MD5 can be used. Kerberos V5 is an authentication protocol, not an encryption protocol; therefore, answer A is incorrect. Certificates are a type of authentication that can be used with IPsec, not an encryption protocol; therefore, answer B is incorrect.

3. Which two types of IPsec can be used to secure communications between two LANs?
a) AH tunnel mode
b) ESP tunnel mode
c) Both AH tunnel mode and ESP tunnel mode
d) ESP transport mode

Answer: c
Explanation: AH and ESP tunnel mode IPsec should be used for data transfer purposes; option d is for integrity and confidentiality purposes. Tunnel mode provides security for the entire original IP packet, unlike transport mode, which is not as secure because it only encrypts the data portion and not the whole packet.

4. ______ provides authentication at the IP level.
a) AH
b) ESP
c) PGP
d) SSL

Answer: a
Explanation: The Authentication Header (AH) authenticates the origin of data and guarantees the integrity of the information that is being sent using IPsec. It also provides anti-replay security.

5. IPsec defines two protocols: _______ and ________
a) AH; SSL
b) PGP; ESP
c) AH; ESP
d) PGP; SSL

Answer: c
Explanation: AH ensures that there is no retransmission of data from an unauthorized source, and protects against data tampering. ESP provides content protection and ensures integrity and confidentiality for the message.

6. IP Security operates in which layer of the OSI model?
a) Network
b) Transport
c) Application
d) Physical

Answer: a
Explanation: IPSec is a set of protocols used to provide authentication, data integrity and confidentiality between two machines in an IP network. In the TCP/IP model, it provides security at the IP layer i.e. the network layer.

7. ESP does not provide ________
a) source authentication
b) data integrity
c) privacy
d) error control

Answer: d
Explanation: The ESP provides data confidentiality, integrity and authentication. It provides confidentiality through encryption. ESP can operate in two modes, transport mode and tunnel mode.

8. In computer security _______ means that computer system assets can be modified only by authorized parties.
a) confidentiality
b) integrity
c) availability
d) authenticity

Answer: b
Explanation: Integrity means that computer system assets can be modified only by authorized parties. Confidentiality means that the assets can only be accessed by authorized parties. Availability refers to the accessibility of the resource to the authorized parties. Authenticity means that the asset is not unethically changed.

9. In computer security _______ means that the information in a computer system is only accessible for reading by authorized parties.
a) confidentiality
b) integrity
c) availability
d) authenticity

Answer: a
Explanation: Confidentiality means that the assets can only be accessed by authorized parties. Integrity means that computer system assets can be modified only by authorized parties. Availability refers to the accessibility of the resource to the authorized parties. Authenticity means that the asset is not unethically changed.

10. Which of the following organizations is primarily concerned with military encryption systems?
a) NSA
b) NIST
c) IEEE
d) ITU

Answer: a
Explanation: The NSA is primarily responsible for military encryption systems. The NSA designs, evaluates, and implements encryption systems for the military and government agencies with high security needs.

Sanfoundry Global Education & Learning Series – Computer Networks.

Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He is Linux Kernel Developer & SAN Architect and is passionate about competency developments in these areas. He lives in Bangalore and delivers focused training sessions to IT professionals in Linux Kernel, Linux Debugging, Linux Device Drivers, Linux Networking, Linux Storage, Advanced C Programming, SAN Storage Technologies, SCSI Internals & Storage Protocols such as iSCSI & Fiber Channel.