Cisco Certified Network Associate (CCNA) Practice Exam

Which three protocols are considered the main components of the IPsec framework?

• A. Internet Key Exchange (IKE), Secure Sockets Layer (SSL), Encapsulation Security Payload (ESP)
• B. Encryption Algorithm (EA), Authentication Header (AH), Internet Key Exchange (IKE)
• C. Encapsulation Security Payload (ESP), Authentication Header (AH), Internet Key Exchange (IKE)
• D. Authentication Header (AH), Secure Hash Algorithm (SHA), Internet Key Exchange (IKE)

The correct answer is: Encapsulation Security Payload (ESP), Authentication Header (AH), Internet Key Exchange (IKE)

The correct response identifies three key protocols that are integral to the IPsec framework. Encapsulation Security Payload (ESP) provides confidentiality, integrity, and authenticity for IP packets. It achieves this by encrypting the payload of the packets, ensuring that data cannot be intercepted and read by unauthorized parties. Additionally, it can provide authentication for the packets to verify their integrity. Authentication Header (AH) is another critical component, primarily focusing on providing message integrity and authenticity. It does this by creating a hash of the packet's header and payload, allowing the receiving device to verify that the packet has not been altered during transmission. Internet Key Exchange (IKE) plays a crucial role in the setup and management of security associations (SAs) between devices. It facilitates the negotiation of the cryptographic keys and the parameters required to establish a secure connection. The combination of these three protocols—ESP for confidentiality, AH for integrity, and IKE for key exchange—forms the foundation of the IPsec framework, enabling secure communication over potentially insecure networks like the Internet.