Which of the following protection is provided when using a Virtual Private Network (VPN) with Authentication Header (AH)?
Correct Answer: C
A VPN is a secure tunnel that connects two or more networks over a public network, such as the internet.
VPNs use encryption and authentication protocols to protect the data in transit from unauthorized access, modification, or disclosure. AH is one of the protocols used by IPsec, which is a suite of protocols for securing IP traffic. AH provides integrity, authentication, and anti-replay protection for the entire IP packet, including the header and the payload. AH does not provide payload encryption or sender confidentiality, which are provided by another IPsec protocol called Encapsulating Security Payload (ESP). AH also does not provide multi-factor authentication (MFA), which is a method of verifying the identity of a user or a device by requiring two or more factors, such as something you know, something you have, or something you are. AH does provide sender non-repudiation, which is the assurance that the sender of a message cannot deny sending it, because the message is authenticated with a digital signature or a keyed hash that only the sender can generate. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 4: Communication and Network Security, page 215. Official (ISC)2 CISSP CBK Reference, Fifth Edition, Domain 4: Communication and Network Security, page 463.