1. IP security mechanism can be not only used for security communications in Internet but also in local network or wide area network. a.True b.False 2. IP security is not transparent to the TCP applications because IP security is implemented in Network layer a.True b.False 3. The transport mode encapsulating security payload IPv4 can be only used as confidentiality purpose for the data. a.True b.False 4. In the following, which protocol(s) provide(s) IP security? a.TCP b.SSH c.AH d.ESP 5. A key idea that appears in both authentication and confidentiality mechanisms for IP is a.the association header. b.the IP header. c.the security association. d.the tunnel mode. Solution Answer-1: Option (A) True is correct. IP security mechanism used for security communications in Internet but also in local network or wide area network.IP security provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet. Answer No-2 Obtion (B) False is correct. IP security is transparent to the TCP applications because IPSec is below the transport layer (TCP, UDP), so it is transparent to applications. Answer No-3 Option (B) False is correct. The transport mode encapsulating security payload IPv4 can not only used as confidentiality purpose for the data but also used for Authenticating Header. Note: The encapsulating security payload provides confidentiality service, including confidentiality of message contents and limited traffic flow confidentiality. And As an optional feature, ESP can also provide the same authentication services as Authentication Header. Answer-4 Option (C) AH is correct. The AH (authentication header) protocol provides support for data integrity and authentication of IP packets. Answer-5 Option (D) the tunnel mode is correct. Tunnel mode is the mode that appears both in authentication and confidentiality for IP i.e both AH(Authentication Header) and ESP( Encapsulating Security Payload) support two modes of use transport and tunnel mode. Tunnel mode encapsulates an entire IP packet within an IP packet to ensure that no part of the original packet is changed as it is moved through a network. Kindly Check and Verify Thanks...!!!.