AH vs ESP

I just took an online practice exam which asked for the IPsec protocol that provides authentication, integrity and confidentiality. By my understanding AH provides integrity and authentication while ESP provides confidentiality.
The answer was ESP, which I think is wrong.
Am I missing something?

Thanks

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

keenon

AH

http://www.networksorcery.com/enp/protocol/ah.htm

ESP

www.networksorcery.com/enp/protocol/esp.htm

I hope these help

Grynder

Thanks. I guess ESP is the right answer.
I'm sitting for my exam on THursday, yesterday I was feeling pretty good (averaging 90% on my sybex and exam cram tests) , but today I took two online practice tests and scored under 80% on both.
I think I will just concentrate on my notes until Thursday.

RoboNerd

Grynder wrote:

Thanks. I guess ESP is the right answer.
I'm sitting for my exam on THursday, yesterday I was feeling pretty good (averaging 90% on my sybex and exam cram tests) , but today I took two online practice tests and scored under 80% on both.
I think I will just concentrate on my notes until Thursday.

Careful on those online practice exams -- I have noticed that some of them are intentionally made to test rather obscure information in order to scare you into buying their study materials. Don't fall for that racket. The actual test doesn't go off on strange tangents; it's very straightforward about testing whether or not you know the major topics. Some of the trickier parts are the "PICK TWO" questions, where you have to select the BEST answers (even though most/all of them are technically correct). Fortunately there's not too many of them.

Good luck with your exam, and I hope you're not twisting your stomach into as much a knot as I had been these last two weeks. I just about panicked last night because I was going chapter-by-chapter through the Syngress book and BOMBED Chapter 4 (like 60%). The rest I got about 87% or better. It turns out, though, that the Syngress book has some real editing problems... for example, the answers after the chapter tests don't necessarily jive with the ones in the Answer Appendix. WTF?!?

The DVD, by the way, is worthless; don't bother. The online test was horrific as well; it had all sorts of grammatical errors that changed the right answer into a wrong one. Hopefully when Syngress revises for the 2007 objectives they will fix their DVD and that blasted online test, because I really can't recommend their book until they do so.

Oh, and hint: What does the "E" in ESP stand for? It's very similar in function to digital certificates if you think about it. Since you already have an IPSec SA regardless, authentication is pretty much a given. The rest depends on which mode IPSec is operating in.