CompTIA Security+ (SY0-501) — Question 783

Which of the following could occur when both strong and weak ciphers are configured on a VPN concentrator? (Choose two.)

Answer options

• A. An attacker could potentially perform a downgrade attack.
• B. The connection is vulnerable to resource exhaustion.
• C. The integrity of the data could be at risk.
• D. The VPN concentrator could revert to L2TP.
• E. The IPSec payload is reverted to 16-bit sequence numbers.

Correct answer: A, E

Explanation

The correct answer, A, highlights the risk of a downgrade attack where an attacker forces the use of a weaker cipher. Answer E is also correct as using weak ciphers could lead to the IPSec payload reverting to less secure 16-bit sequence numbers. The other options either do not relate to the configuration of ciphers or are not directly caused by the presence of both strong and weak ciphers.