Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/28

Click to flip

28 Cards in this Set

  • Front
  • Back
IP security is a capability that can be added to either current version of the Internet Protocol by means of additional headers.
True
The principal feature of IPsec is that it can encrypt and/or authenticate all traffic at the IP level.
True
Transport mode provides protections to the entire IP packet.
False
Additional padding may be added to provide partial traffic flow confidentiality by concealing the actual length of the payload.
True
Authentication must be applied to the entire original IP packet.
False
An end user whose system is equipped with IP security protocols can make a local call to an ISP and gain secure access to a company network.
True
Both tunnel and transport modes can be accommodated by the encapsulation security payload encryption format.
True
An individual SA can implement both the AH and the ESP protocol.
False
By implementing security at the IP level an organization can ensure secure networking not only for applications that have security mechanisms but also for the many security ignorant applications.
True
IPsec can guarantee that all traffic designated by the network administrator is authenticated bu cannot guarantee that it is encrypted.
False
Any traffic from the local host to a remote host for purposes of an IKE exchange bypasses the IPsec processing.
True
IPsec is executed on a packet-by-packet basis.
True
The Payload Data Field is designed to deter replay attacks.
False
The Security Parameters Index identifies a security association.
True
The default automated key management protocol for IPsec is referred to as ISAKMP/Oakley.
True
Authentication applied to the entire original IP packet is ______.
tunnel mode
_________ defines a number of techniques for key management.
SKE
Authentication applied to all of the packets except for the IP header is ___________.
transport mode
The __________ mechanism assures that a received packet was in fact transmitted by the party identified as the source in the packet header and assures that the packet has not been altered in transit.
authentication
________ provides the capability to secure communications across a LAN, across private and public WANs, and across and Internet.
IPsec
The __________ facility enables communicating nodes to encrypt messages to prevent eavesdropping by third parties.
confidentiality
The key management mechanism that is used to distribute keys is coupled to the authentication and privacy mechanisms only by way of the __________.
SPI
A ________ is a one way relationship between a sender and a receiver that affords security services to the traffic carried on it.
SA
The means by which IP traffic is related to specific SAs is the _________.
SPD
_________ consists of an encapsulating header and trailer used to provide encryption of combined encryption/authentication. The current specification is RFC 4303.
IPsec
___________ identifies the type of data contained in the payload data field by identifying the first header in that payload.
Sequence header
A value chosen by the responder to identify a unique IKESA is a ____________.
responder cookie
IKE key determination employs _________ to ensure against replay attacks.
flags