nerdexam
GIAC

GSEC · Question #253

GSEC Question #253: Real Exam Question with Answer & Explanation

The correct answer is A. Integrity Check Value. AH uses an Integrity Check Value (ICV) computed over packet headers to authenticate the source and detect tampering, preventing source address spoofing.

Question

What does Authentication Header (AH) add to the packet in order to prevent an attacker from lying about the source?

Options

  • AIntegrity Check Value
  • BAES-128 encryption
  • CTriple DES encryption
  • D32-bit sequence number

Explanation

AH uses an Integrity Check Value (ICV) computed over packet headers to authenticate the source and detect tampering, preventing source address spoofing.

Common mistakes.

  • B. AES-128 is a symmetric encryption algorithm used for confidentiality in ESP, not a feature of AH, which provides no encryption.
  • C. Triple DES is an encryption algorithm associated with ESP confidentiality, not with AH, which does not perform any encryption.
  • D. The 32-bit sequence number in AH is used to prevent replay attacks, not to authenticate the packet source or prevent source spoofing.

Concept tested. IPsec AH Integrity Check Value and source authentication

Reference. https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc739412(v=ws.10)

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSEC Practice