nerdexam
GIAC

GSLC · Question #163

GSLC Question #163: Real Exam Question with Answer & Explanation

The correct answer is A. IPSec with ESP. IPSec with ESP is required when both data confidentiality (encryption) and integrity are needed between two network segments.

Question

According to the security requirements given in case study, which of the following security method should you implement to provide data security between NSILegal and NSIHR? (Click the Exhibit button on the toolbar to see the case study.)

Options

  • AIPSec with ESP
  • BEFS
  • CIPSec with AH
  • DGroup Policies for shared folders

Explanation

IPSec with ESP is required when both data confidentiality (encryption) and integrity are needed between two network segments.

Common mistakes.

  • B. EFS (Encrypting File System) encrypts files at rest on NTFS volumes and does not protect data in transit between network hosts.
  • C. IPSec with AH (Authentication Header) provides integrity and authentication but does not encrypt the payload, so data confidentiality is not achieved.
  • D. Group Policies for shared folders enforce access control permissions but do not encrypt data transmitted over the network.

Concept tested. IPSec ESP vs AH for network data confidentiality

Reference. https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSLC Practice