Which of the following are features of IPsec transport mode? (Choose three.)
A.
IPsec transport mode is used between end stations
B.
IPsec transport mode is used between gateways
C.
IPsec transport mode supports multicast
D.
IPsec transport mode supports unicast
E.
IPsec transport mode encrypts only the payload
F.
IPsec transport mode encrypts the entire packet
Explanation:
IPSec Transport Mode
IPSec Transport mode is used for end-to-end communications, for example, for
communication between a client and a server or between a workstation and a gateway
(if the gateway is being treated as a host). A good example would be an encrypted
Telnet or Remote Desktop session from a workstation to a server.
Transport mode provides the protection of our data, also known as IP Payload, and
consists of TCP/UDP header + Data, through an AH or ESP header. The payload is
encapsulated by the IPSec headers and trailers. The original IP headers remain intact,
except that the IP protocol field is changed to ESP (50) or AH (51), and the original
protocol value is saved in the IPsec trailer to be restored when the packet is decrypted.
IPSec transport mode is usually used when another tunneling protocol (like GRE) is
used to first encapsulate the IP data packet, then IPSec is used to protect the GRE
tunnel packets. IPSec protects the GRE tunnel traffic in transport mode.