An engineer is configuring IPsec VPN and needs an authentication protocol that is reliable and supports ACK and sequence. Which protocol accomplishes this goal?
An engineer is configuring IPsec VPN and needs an authentication protocol that is reliable and supports ACK and sequence. Which protocol accomplishes this goal?
The protocol that accomplishes the goal of providing reliable authentication with support for acknowledgment and sequence is IKEv1. IKEv1 (Internet Key Exchange version 1) is a protocol used to set up a security association (SA) in the IPsec protocol suite. It provides a handshake process and supports acknowledgment and sequencing for reliable communication during the authentication and key exchange. AES-256 and AES-192 are encryption protocols and do not provide the required authentication, acknowledgment, or sequencing features. ESP (Encapsulating Security Payload) focuses on providing confidentiality, integrity, and authentication for IP packets but does not support acknowledgment or sequencing.
Answer 'C' : https://www.hypr.com/security-encyclopedia/encapsulating-security-payload-esp
https://www.rfc-editor.org/rfc/rfc7402.html
Ikev1 does authentication and a has a handshake process https://www.cisco.com/c/es_mx/support/docs/security-vpn/ipsec-negotiation-ike-protocols/217432-understand-ipsec-ikev1-protocol.html
ESP - it has ACK & sequence numbers, not IKEv1 But call it authentication protocol is misleading. Shame on you, Cisco
Has to be IKEv2 (ack is there) and ESP - so C
ESP provides confidentiality, authentication, and integrity to IP Packets. It does NOT include mechanisms for acknowledging or sequencing messages - which is a requirement for this question. IKEv1 SUPPORTS acknowledgements and sequencing to ensure reliable delivery of messages during the negotiation process.
Neither IKEv1 or ESP has ACK messages. IKEv1 has 6 messages, to negotiate tunnel, that's all. ESP sure does have sequence numbers.
A,C and D are Encryption protocols... so B
it is B ikev1