EC-Council
312-50V9 · Question #393
312-50V9 Question #393: Real Exam Question with Answer & Explanation
The correct answer is C: ESP transport mode. ESP (Encapsulating Security Payload) transport mode provides data confidentiality through encryption for host-to-host communication within the same LAN.
Question
When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?
Options
- AAH Tunnel mode
- BAH promiscuous
- CESP transport mode
- DESP confidential
Explanation
ESP (Encapsulating Security Payload) transport mode provides data confidentiality through encryption for host-to-host communication within the same LAN.
Common mistakes.
- A. AH (Authentication Header) tunnel mode provides integrity and anti-replay protection but offers no encryption, so it cannot protect data confidentiality.
- B. AH promiscuous is not a valid or recognized IPSec mode - promiscuous is a network interface mode, not an IPSec configuration.
- D. ESP confidential is not a valid IPSec mode designation - the correct modes for ESP are transport and tunnel.
Concept tested. IPSec ESP transport mode for LAN confidentiality
Reference. https://learn.microsoft.com/en-us/windows-server/networking/technologies/ipsec/ipsec-overview
Community Discussion
No community discussion yet for this question.