A security administrator has been asked to implement a VPN that will support remote access over IPsec Which of the following is an encryption algorithm that
would meet this requirement?

A.
MD5

B.
AES

C.
UDP

D.
PKI

Explanation:
Cryptographic algorithms defined for use with IPsec include:
– HMAC-SHA1/SHA2 for integrity protection and authenticity.
– TripleDES-CBC for confidentiality
– AES-CBC for confidentiality.
– AES-GCM providing confidentiality and authentication together efficiently Galois/Counter Mode (GCM) is a mode of operation for symmetric key cryptographic
block ciphers that has been widely adopted because of its efficiency and performance. GCM throughput rates for state of the art, high speed communication
channels can be achieved with reasonable hardware resources. The operation is an authenticated encryption algorithm designed to provide both data authenticity
(integrity) and confidentiality.

GCM is defined for block ciphers with a block size of 128 bits. Galois Message Authentication Code (GMAC) is an authentication-only variant of the GCM which can
be used as an incremental message authentication code.
Both GCM and GMAC can accept initialization vectors of arbitrary length.
Different block cipher modes of operation can have significantly different performance and efficiency characteristics, even when used with the same block cipher.
GCM can take full advantage of parallel processing and implementing GCM can make efficient use of an instruction pipeline or a hardware pipeline. In contrast, the
cipher block chaining (CBC) mode of operation incurs significant pipeline stalls that hamper its efficiency and performance