Question

Q1: In the Internet Protocol (IP), the Header Error Checksum (HEC) is the only measure to check for errors of any kind. Which makes the IP header reliable.

T or  F

Q2:  Every router strips off the IP header and puts a new header

T or  F

Q3:  (Short Answer) What is Dynamic re-keying?

Q4: In a VPN, the IP packets secured using IPSec uses different Internet circuits as any other traffic can use. There are dedicated circuits for IPSec.

T or F?

Q5: Authentication Header (AH) has two IP headers and encapsulated security payload (ESP) has only one.

T or  F

Q6: For having a host-to-host tunnel private IP addresses can't be used in the hosts.

T or F?

Q7:   (Short Answer) What does the Authentication Header (AH) and encapsulated security payload (ESP) each provides?

Q8:  (Short Answer) What is a Security Parameter Index (SPI)?

Q9: The meaning of tunnel in the tunnel model of IPSec is that the protected IP packets are outside another IP header (the outer header) and the outer headers of many IP packets can be visualized as making a tunnel wall through which the inner IP packets are passing.

T or F

Q10: (Short Answer) What replaces IPSec security associations (SAs)?

Answer 1

Answer1. True

Answer2. True

Answer3.Re- keying simply means to change the old pin to new pin. Dynamic re-key is an process to online encryption. In this the hytrust replaces the current encryption key with a new one, First it decrypts the data with the old key and after that re- encrypts the data with new key.

Answer4.False.

Answer5. True.

Answer6. False.

Answer7. The ESP(Encapsulating Security payload) protocol provides data confidentiality while the Authentication header protocol provides data origin authentication, data integrity and replay protection and the AH doesn't provide confidentiality which is provided by ESP.

Answer8.The SPI(Security Parameter Index) is an identification tag which is added to the header when we are using IPsec for the tunneling of IP traffic.

Answer9. True.

Answer10. An Security association is a relationship between two entities which describes that how the entities use the services of the security to communicate with each other securily.