If you need strong protection for the encryption of user data, what option would be the BEST
choice?
A.
When you need strong encryption,IPSecis not the best choice. SSL VPN’s are a better choice.
B.
Use Daffier-Hellman for key construction and pre-shared keys for Quick Mode. Choose SHA in
Quick Mode and encrypt with AES. Use AH protocol. Switch to Aggressive Mode.
C.
Disable Differ-Hellman by using stronger certificate based key-derivation. Use AES-256 bit on all
encrypted channels and add PFS to Quick Mode. Use double encryption by implementing AH and ESP
as protocols.
D.
Use certificates for Phase 1, SHA for all hashes, AES for all encryption and PFS, and use ESP
protocol.
What is Differ-Hellman, lol, we can exclude that one :p