AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 274

The IPsec protocol suite is made up of various components covering aspects such as confidentiality, encryption, and integrity.
Select the correct statement below regarding the correct configuration options for ensure IPsec confidentiality:

Answer options

• A. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, MD5
• B. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, AES
• C. The following protocols may be used to configure IPsec confidentiality, PSK, RSA
• D. The following protocols may be used to configure IPsec confidentiality, PSK, MD5
• E. The following protocols may be used to configure IPsec confidentiality, PSK, RSA

Correct answer: B

Explanation

IPsec confidentiality is achieved through symmetric encryption algorithms, which include DES, 3DES, and AES. Other options are incorrect because MD5 is a hashing algorithm used for data integrity, while PSK (Pre-Shared Keys) and RSA are authentication methods rather than confidentiality/encryption protocols.