click below
click below
Normal Size Small Size show me how
CS4840 Final
Question | Answer |
---|---|
IPsec is designed to provide security at the application layer. True or False? | False. IPsec is designed to provide security at the application NETWORK layer. |
IPsec transport mode has segment as the IPsec payload whereas tunnel mode has IP packet as the IPsec payload. True or False? | True |
Before sending IPsec packets, a logical connection is created between the source and destination, and this connection is bidirectional. True or False? | False. Before sending IPsec packets, a logical connection is created between the source and destination, and this connection is UNI-DIRECTIONAL. |
To send and receive IPsec packets (to/from) a destination, a router should have two Security Associations (SAs). True or False? | True |
Authentication Header (AH) does not provide confidentiality. True or False? | True. Authentication Header (AH) provides AUTHENTICATION and DATA INTEGRITY, not confidentiality. |
Authentication Header (AH) and Encapsulation Security Payload (ESP) do not provide source authentication and data integrity. True or False? | True |
What info. not in Security Association DB? a. SA identifier, SPI b. IP add. of source (beginning of SA) c. IP add. of destination (end of SA) d. Encryption type & key e. MAC add. of source (beginning of SA) f. MAC add. of destination (end of SA) | e. MAC add. of source (beginning of SA) f. MAC add. of destination (end of SA) |
Authentication provides function that sender, receiver want to ensure message not altered (in transit, or afterwards) without detection. True or False? | True |
Public key encryption is only used for the encryption of symmetric key. True or False? | False |
One can apply its public key to generate a digital signature. True or False? | False |
The integrity of a document should be verified by the receiver inverting the message digest (fingerprint) to the original message. True or False? | False |