Cisco Certified Network Associate (CCNA) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the Cisco Certified Network Associate (CCNA) exam with our comprehensive quiz featuring multiple-choice questions and detailed explanations. Prepare effectively and enhance your understanding of networking concepts!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

In which IPsec mode is the payload of the packet protected but the header is not encrypted?

  1. Tunnel mode

  2. Transport mode

  3. Secure mode

  4. Encapsulated mode

The correct answer is: Transport mode

The correct answer is indeed Transport mode. In this mode, only the payload of the packet is encrypted and protected, while the original IP headers remain intact and unencrypted. This allows for end-to-end encryption between two hosts, making it suitable for situations where it is important to preserve router functionality and IP header information. Transport mode is commonly used for securing communications between specific devices (like two servers or a client-server model) without the need to encapsulate the entire original packet. Other IPsec modes, such as Tunnel mode, would encapsulate and encrypt the entire IP packet, including headers, which makes them more suited for VPN scenarios where traffic needs to traverse untrusted networks without revealing original IP header information.

More Questions Like This