ExamGecko
Search Search Login
Home Home / ECCouncil / 212-81
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Represents the total number of possible values of keys in a cryptographic algorithm or other security measure, such as a password.
If Bob is using asymmetric cryptography and wants to send a message to Alice so that only she can decrypt it, what key should he use to encrypt the message?
Message hidden in unrelated text. Sender and receiver have pre-arranged to use a pattern to remove certain letters from the message which leaves only the true message behind.
3DES can best be classified as which one of the following?
In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving. Which Algorithm is this referring to?
Nicholas is working at a bank in Germany. He is looking at German standards for pseudo random number generators. He wants a good PRNG for generating symmetric keys. The German Federal Office for Information Security (BSI) has established four criteria for quality of random number generators. Which ones can be used for cryptography?
Ahlen is using a set of pre-calculated hashes to attempt to derive the passwords from a Windows SAM file. What is a set of pre-calculated hashes used to derive a hashed password called?
Which of the following is the successor of SSL?
You are studying classic ciphers. You have been examining the difference between single substitution and multi-substitution. Which one of the following is an example of a multi-alphabet cipher?
A cryptanalysis success where the attacker discovers additional plain texts (or cipher texts) not previously known.

Question 49 - 212-81 discussion

Report
Export

In IPSec, if the VPN is a gateway-gateway or a host-gateway, then which one of the following is true?

A.
IPSec does not involve gateways
Answers
A.
IPSec does not involve gateways
B.
Only transport mode can be used
Answers
B.
Only transport mode can be used
C.
Encapsulating Security Payload (ESP) authentication must be used
Answers
C.
Encapsulating Security Payload (ESP) authentication must be used
D.
Only the tunnel mode can be used
Answers
D.
Only the tunnel mode can be used
Suggested answer: D

Explanation:

IPSec has two different modes: transport mode and tunnel mode.

Only the tunnel mode can be used

https://en.wikipedia.org/wiki/IPsec

In tunnel mode, the entire IP packet is encrypted and authenticated. It is then encapsulated into a new IP packet with a new IP header. Tunnel mode is used to create virtual private networks for network-to-network communications (e.g. between routers to link sites), host-to-network communications (e.g. remote user access) and host-to-host communications (e.g. private chat).

Incorrect answers:

Encapsulating Security Payload (ESP) authentication must be used. ESP in transport mode does not provide integrity and authentication for the entire IP packet. However, in Tunnel Mode, where the entire original IP packet is encapsulated with a new packet header added, ESP protection is afforded to the whole inner IP packet (including the inner header) while the outer header (including any outer IPv4 options or IPv6 extension headers) remains unprotected.

IPSec does not involve gateways. Wrong.

Only transport mode can be used. Transport mode, the default mode for IPSec, provides for end-to-end security. It can secure communications between a client and a server. When using the transport mode, only the IP payload is encrypted.

Show Answer
asked 18/09/2024
Anouar Ettahery
35 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms