Cisco Exam 400-251: CCIE Security Written Exam

AH Protocol

Question

Which three options correctly describe the AH protocol? (Choose three.)

Answers

Explanations

A. B. C. D. E. F.

BCE.

The Authentication Header (AH) protocol is a security protocol used in IPsec to provide integrity, data origin authentication, and optional anti-replay protection for IP packets. Here are the correct options that describe the AH protocol:

B. The AH protocol provides connectionless integrity and data origin authentication: The AH protocol provides connectionless integrity and data origin authentication for IP packets by computing and verifying an integrity check value (ICV) over the packet header and payload. The ICV is computed using a secret key shared between the sender and receiver. The ICV provides assurance that the packet has not been tampered with in transit and that the data originated from the claimed sender.

C. The AH protocol provides protection against replay attacks: The AH protocol can provide protection against replay attacks by including a sequence number in the AH header of each packet. The receiver can verify the sequence number to ensure that the packet has not been replayed.

E. The AH protocol uses IP protocol 51: The AH protocol is identified by IP protocol number 51, which is used to distinguish it from other IP protocols.

Option A is incorrect because the AH protocol does not encrypt the entire IP and upper layer protocols. Rather, it only provides integrity and authentication protection for the packet header and payload.

Option D is incorrect because the AH protocol supports both transport mode and tunnel mode. In transport mode, the IP header is not protected by AH, while in tunnel mode, the entire original IP packet is protected by AH and encapsulated in a new IP packet.

Option F is incorrect because the AH protocol supports both IPv4 and IPv6.
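The checks described under B, C and E can be seen together in a small receiver model. This is an added example, not part of the original question or any Cisco code. It assumes HMAC-SHA-256 truncated to 128 bits as the ICV algorithm and a 64-packet replay window, and it simplifies the ICV to cover only the AH header and payload, leaving out the IP header fields.

```python
import hashlib, hmac, struct

AH_PROTO = 51   # IP protocol number that identifies AH
ICV_LEN = 16    # assumed: HMAC-SHA-256 truncated to 128 bits
WINDOW = 64     # assumed anti-replay window size

def icv_for(key, fixed, payload):
    # The ICV is computed with the ICV field itself set to zero
    return hmac.new(key, fixed + bytes(ICV_LEN) + payload, hashlib.sha256).digest()[:ICV_LEN]

def build_ah(key, spi, seq, next_header, payload):
    # Payload Len field = AH length in 32-bit words, minus 2
    fixed = struct.pack("!BBHII", next_header, (12 + ICV_LEN) // 4 - 2, 0, spi, seq)
    return fixed + icv_for(key, fixed, payload) + payload

class Receiver:
    def __init__(self, key, spi):
        self.key, self.spi = key, spi
        self.top = 0     # highest sequence number accepted so far
        self.seen = 0    # bit i set => sequence number (top - i) was accepted

    def accept(self, ip_proto, data):
        if ip_proto != AH_PROTO or len(data) < 12 + ICV_LEN:
            return "not-ah"
        _next, words, _rsvd, spi, seq = struct.unpack("!BBHII", data[:12])
        ah_len = (words + 2) * 4
        if spi != self.spi or ah_len != 12 + ICV_LEN:
            return "bad-sa"
        behind = self.top - seq
        # Senders start at 1; drop old or already-seen numbers before the HMAC
        if seq == 0 or (behind >= 0 and (behind >= WINDOW or self.seen >> behind & 1)):
            return "replay"
        icv, payload = data[12:ah_len], data[ah_len:]
        if not hmac.compare_digest(icv, icv_for(self.key, data[:12], payload)):
            return "bad-icv"
        # Slide or mark the window only after the ICV has verified
        if behind < 0:
            shift = -behind
            mask = (1 << WINDOW) - 1
            self.seen = 1 if shift >= WINDOW else ((self.seen << shift) | 1) & mask
            self.top = seq
        else:
            self.seen |= 1 << behind
        return "ok"

if __name__ == "__main__":
    key = b"k" * 32                                   # constructed sample key
    rx = Receiver(key, 0x1000)                        # constructed SPI
    pkt = build_ah(key, 0x1000, 1, 6, b"constructed payload")
    print(rx.accept(AH_PROTO, pkt), rx.accept(AH_PROTO, pkt))
```

The window is updated only after the ICV verifies, so a forged packet with a high sequence number cannot push genuine packets out of the window.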