Which two next-generation encryption algorithms does Cisco recommend? (Choose two.)
A.
AES
B.
3DES
C.
DES
D.
MD5
E.
DH-1024
F.
SHA-384
Explanation:
BD
The Suite B next-generation encryption (NGE) includes algorithms for authenticated encryption, digital
signatures, key establishment, and cryptographic hashing, as listed here:
+ Elliptic Curve Cryptography (ECC) replaces RSA signatures with the ECDSA algorithm
+ AES in the Galois/Counter Mode (GCM) of operation
+ ECC Digital Signature Algorithm
+ SHA-256, SHA-384, and SHA-512
Source: Cisco Official Certification Guide, Next-Generation Encryption Protocols, p.97
A and B are the correct answers. SHA is not encryption algorithm. is hashing algorithm
A & F are the correct answers. Check the link below
http://www.cisco.com/c/en/us/about/security-center/next-generation-cryptography.html
Check under alternative column you will notice AES and SHA-384 are recommended Cryptographic Algorithms
I belive the question a bit confusing as it is asking about “encryption algotithms” not “Cryptographic Algorithms”
The “G” member is correct, A and B are the correct asnwers because SHA is not encryption algorithm.
Michael show the link above but it supports the asnwer A and B, see the collum “Operation” of table:
http://www.cisco.com/c/en/us/about/security-center/next-generation-cryptography.html
It’s show clear that the SHA is use to Integrity and not to encryption (like 3DES and AES)
The righ answer are definitively AF:
Next generation encryption (NGE): NGE algorithms are expected to meet the security and scalability requirements of the next two decades. For more information, see Next Generation Encryption.
Looking at the table with the status NGE:
AES(-GCM) is NGE (256 bit)
SHA-(256,384,512) are NGE
Other NGE out of question are:
HMAC-SHA-256 is NGE
ECDH-384,ECDSA-384 are NGE
http://www.cisco.com/c/en/us/about/security-center/next-generation-cryptography.html