Which of the following are true statements about IPSec?
a = IPSec provides mechanisms for authentication and encryption.
b = IPSec provides mechanisms for nonrepudiation.
c = IPSec will only be deployed with IPv6.
d = IPSec authenticates hosts against each other.
e = IPSec only authenticates clients against a server.
f = IPSec is implemented in SSH and TLS.
A.
a and d
B.
a, b, and e
C.
a, b, c, d, and f
D.
a, b, c, e, and f
Explanation:
A: IP Security (IPSec) is a suite of protocols for communicating securely with IP by providing mechanisms for authenticating and encryption. Standard IPSec authenticates only hosts with each other. Page 804.
add choice B: the primary goals of IPsec are data confidentiality, data integrity, and host authentication. The combination of integrity and authentication provides non-repudiation. IPsec also detects replay attacks.
http://www.cromwell-intl.com/tcpip/what-is-ipsec.html
0
0
Non-repudiation?
IPSec only have authenticity with machine, not the person.
So, non-repudiation is not suitable.
If you are talking point to site, it might be correct. But normally, IPSec is work on Site to Site.
0
0
IP Security (IPSec) is a suite of protocols for communicating securely with IP by providing mechanisms for authenticating and encryption. Standard IPSec authenticates only hosts with each other.
IP安全(IPSec)是通過提供身份驗證和加密機制,IP安全通信的一組協議。標準的IPSec認證僅與對方主機
0
0