An engineer configures hosts on a network to use IPSEC for secure communications. The engineer decides between Encapsulation Security Payload (ESP) or Authentication Header (AH). If the engineer chooses transport mode over tunnel mode, which specifics of operation should be expected?

A. With ESP the whole IP packet (header and payload) is encrypted: With ESP in tunnel mode, the whole IP packet (header and payload) is encrypted and encapsulated as a datagram with a new IP header.

B. With ESP the IP header for each packet is not encrypted: Transport mode is used to secure communications between hosts on a private network. When ESP is applied, the IP header for each packet is not encrypted, just the payload data.

C. AH has no real use in this mode: AH has no real use case in tunnel mode, as confidentiality will usually be required.

D. AH can provide integrity for the IP header: If AH is used in transport mode, it can provide integrity for the IP header as it performs a cryptographic hash on the whole packet.

Question

contestada

Respuesta :