An engineer configures hosts on a network to use IPSEC for secure communications. The engineer decides between Encapsulation Security Payload (ESP) or Authentication Header (AH). If the engineer chooses transport mode over tunnel mode, which specifics of operation should be expected? (Select all that apply.)

a) With ESP the whole IP packet (header and payload) is encrypted
b) With ESP the IP header for each packet is not encrypted
c) AH has no real use in this mode
d) AH can provide integrity for the IP header

1 Answer

Final answer:

In transport mode, ESP encrypts and optionally authenticates the payload without affecting the IP header, while AH provides integrity and authentication for the entire packet, including the IP header, but does not encrypt data. The correct answer is option d) AH can provide integrity for the IP header.

Step-by-step explanation:

When an engineer configures hosts to use IPSEC for secure communications, there are two main protocols to choose from: Encapsulation Security Payload (ESP) and Authentication Header (AH). In transport mode, different operations can be expected from each protocol:

  • With ESP in transport mode, the IP payload is encrypted and optionally authenticated, but the IP header is not encrypted. This ensures that the data being sent is protected, while the header remains intact for routing purposes.
  • As for AH, it does not provide encryption of data but is used to assure connection integrity by authenticating the IP header and the data payload. Even in transport mode, it can ensure that IP packets are not tampered with during transit.

Addressing the specific points:

  • With ESP the whole IP packet (header and payload) is encrypted - this is not true, as in transport mode, only the payload is encrypted, not the IP header.
  • With ESP the IP header for each packet is not encrypted - this is true for transport mode.
  • AH has no real use in this mode - this is not accurate, as AH can still be used to verify the integrity and authenticity of the IP header and payload.
  • AH can provide integrity for the IP header - this is indeed true, as it authenticates the entire packet (excluding mutable fields) including the header to prevent spoofing and replay attacks.
by Mosh Feu (7.6k points)
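An added example (not part of the question or the answer above) that models the AH transport-mode behaviour the answer describes: the integrity check value covers the IP header and payload, but mutable header fields that routers legitimately change in transit (TOS, flags/fragment offset, TTL, checksum) are zeroed before the MAC is computed. The model is deliberately simplified: it omits the AH header itself and assumes HMAC-SHA-256 truncated to 128 bits as the ICV; the key and addresses are constructed values.

```python
import hashlib
import hmac
import socket
import struct

# Mutable IPv4 fields that AH zeroes before computing the ICV (RFC 4302 treatment).
MUTABLE_FIELDS = ("tos", "flags_frag", "ttl", "checksum")

def build_ipv4_header(src, dst, ttl=64, tos=0, flags_frag=0, total_len=0, ident=0, proto=51):
    """Return a dict of IPv4 header fields (proto 51 = AH)."""
    return {"ver_ihl": 0x45, "tos": tos, "total_len": total_len, "ident": ident,
            "flags_frag": flags_frag, "ttl": ttl, "proto": proto, "checksum": 0,
            "src": src, "dst": dst}

def serialize_ipv4(hdr, zero_mutable=False):
    """Pack the 20-byte header; optionally zero the mutable fields as AH does."""
    h = dict(hdr)
    if zero_mutable:
        for field in MUTABLE_FIELDS:
            h[field] = 0
    return struct.pack("!BBHHHBBH4s4s", h["ver_ihl"], h["tos"], h["total_len"],
                       h["ident"], h["flags_frag"], h["ttl"], h["proto"], h["checksum"],
                       socket.inet_aton(h["src"]), socket.inet_aton(h["dst"]))

def ah_icv(key, hdr, payload):
    """AH transport mode: MAC over immutable header fields plus the full payload.
    Simplified model (AH header omitted); HMAC-SHA-256 truncated to 128 bits."""
    covered = serialize_ipv4(hdr, zero_mutable=True) + payload
    return hmac.new(key, covered, hashlib.sha256).digest()[:16]

def ah_verify(key, hdr, payload, icv):
    """Receiver-side check; constant-time comparison of the recomputed ICV."""
    return hmac.compare_digest(ah_icv(key, hdr, payload), icv)

def demo():
    """Show which changes AH tolerates (router TTL decrement) and which it detects."""
    key = b"constructed-demo-key"                       # constructed, not a real SA key
    hdr = build_ipv4_header("192.0.2.10", "192.0.2.20")  # documentation addresses
    payload = b"application data"
    icv = ah_icv(key, hdr, payload)
    after_hop = dict(hdr, ttl=hdr["ttl"] - 1, checksum=0x1234)  # legitimate in-transit change
    spoofed = dict(hdr, src="192.0.2.99")                        # source address rewritten
    return {
        "original_ok": ah_verify(key, hdr, payload, icv),
        "ttl_decrement_ok": ah_verify(key, after_hop, payload, icv),
        "spoofed_src_detected": not ah_verify(key, spoofed, payload, icv),
        "payload_tamper_detected": not ah_verify(key, hdr, b"application dat0", icv),
    }

if __name__ == "__main__":
    print(demo())
```

Running it shows the header stays fully readable on the wire (nothing is encrypted), yet any change to the source address or payload invalidates the ICV while a hop's TTL decrement does not.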