Correct answer is D. "vEdge routers use Advanced Encryption Standard
(AES) with a 256-bit key length with the preferred operation Galois/Counter" FROM OCG
Mode (GCM)—hence AES-256-GCM. A secondary mode, cipher block
chaining (CBC), can be used when required, such as in multicast
applications.
Comment contradicts itself. The Cisco SD-WAN white paper and OCG by Bruno both state that GCM is normally used, however CBC is used in the case of multicast. C (CBC) is the definitive answer.
According to the below link, it depends on the SD-WAN release...go figure....so C and D I guess are both correct in a way or the other.....but will go with D since in C its a combination of CBC and HMAC
For multicast traffic:
Cisco SD-WAN Release 20.1.x and later– the encryption algorithm is AES-256-GCM
Previous releases– the encryption algorithm is AES-256-CBC with SHA1-HMAC
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/security/vedge-20-x/security-book/config-sec-param.html#:~:text=For%20unicast%20traffic%2C%20the%20encryption,algorithm%20is%20AES%2D256%2DGCM
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.300-420 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
34da117
8Â months agoFibzy
1Â year agotossaway25
2Â months, 1Â week ago26d13e9
1Â year ago