In IPsec, how are cryptographic algorithms chosen for an SA?

Prepare for the Network Security (NETSEC) 3 Test with flashcards and multiple choice questions. Each question offers hints and explanations. Get exam-ready efficiently!

Multiple Choice

In IPsec, how are cryptographic algorithms chosen for an SA?

Explanation:
In IPsec, a Security Association carries its own cryptographic parameters, including which encryption algorithm and which integrity algorithm to use, along with keys and lifetimes. When an SA is created (via manual configuration or IKE negotiation), the specific algorithms for that direction are decided and stored as part of the SA. This allows different SAs to use different algorithms depending on the security requirements or policy for each tunnel or peer. So the cryptographic suite is defined per SA, not shared across all SAs. Policy may restrict which algorithms can be chosen, but the actual selection is captured within each SA.

In IPsec, a Security Association carries its own cryptographic parameters, including which encryption algorithm and which integrity algorithm to use, along with keys and lifetimes. When an SA is created (via manual configuration or IKE negotiation), the specific algorithms for that direction are decided and stored as part of the SA. This allows different SAs to use different algorithms depending on the security requirements or policy for each tunnel or peer. So the cryptographic suite is defined per SA, not shared across all SAs. Policy may restrict which algorithms can be chosen, but the actual selection is captured within each SA.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy