exam questions

Exam ANS-C00 All Questions

View all questions & answers for the ANS-C00 exam

Exam ANS-C00 topic 1 question 255 discussion

Exam question from Amazon's ANS-C00
Question #: 255
Topic #: 1
[All ANS-C00 Questions]

The IPsec protocol suite is made up of various components covering aspects such as confidentiality, encryption, and integrity.
Select the correct statement below regarding the correct configuration options for ensure IPsec confidentiality:

  • A. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, MD5
  • B. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, AES
  • C. The following protocols may be used to configure IPsec confidentiality, PSK, RSA
  • D. The following protocols may be used to configure IPsec confidentiality, PSK, MD5
  • E. The following protocols may be used to configure IPsec confidentiality, PSK, RSA
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Answer A is incorrect - as MD5 is a hashing protocol (data integrity) Answer C is incorrect - as PSK is short for Pre-Shared Keys (key exchange) - and again MD5 is a hashing protocol (data integrity)
Answer D is incorrect - as both MD5 and SHA are hashing protocols (data integrity) Answer E is incorrect - as both PSK and RSA are used for key exchanges
This leaves Answer B is the only correct IPsec configuration covering confidentiality. DES, 3DES, and AES are all encryption protocols.
Reference:
https://en.wikipedia.org/wiki/IPsec

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Huy
Highly Voted 3 years, 7 months ago
B is correct. https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/mvpn/general/ipsec_algorithms_protocols_c.html
upvoted 5 times
...
joanneli77
Most Recent 2 years, 6 months ago
A better question might be: Which security technologies are used to bring up an AWS VPN? (MD5 and AES). This is not a good question for this exam as it is very general and not specific to the AWS exam - this is CISSP stuff.
upvoted 1 times
...
sapien45
3 years, 3 months ago
The Correct Answer guy is Correct:B
upvoted 1 times
...
ChauPhan
3 years, 7 months ago
No idea
upvoted 2 times
...
eeghai7thioyaiR4
3 years, 8 months ago
confidentiality means "encryption" -> B
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...