Enhancing OSPFv3 Security | Cisco 400-251 Exam Answer

Security Enhancement for OSPFv3

Prev Question Next Question

Question

Which option correctly describes the security enhancement added for OSPFv3?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

D.

The correct answer is D: Both the AuType and Authentication fields are removed from the OSPF header in OSPFv3, since now it relies on the IPv6 Authentication Header (AH) and IPv6 Encapsulating Security Payload (ESP) to provide integrity, authentication, and/or confidentiality.

Explanation: OSPFv3 is the IPv6 version of the OSPF routing protocol. Unlike OSPFv2, which relies on the Authentication field in the OSPF header to provide authentication, OSPFv3 uses the Authentication Header (AH) and Encapsulating Security Payload (ESP) to provide integrity, authentication, and/or confidentiality.

The Authentication field and AuType field are no longer present in OSPFv3 headers. This is because OSPFv3 packets are encapsulated within IPv6 packets and secured by either AH or ESP. AH provides authentication and integrity, while ESP provides confidentiality, authentication, and integrity.

In contrast to OSPFv2, which uses a simple password authentication mechanism that is vulnerable to attacks such as replay attacks and password guessing, OSPFv3 uses more secure methods to ensure secure communication between OSPFv3 routers.

Therefore, option D is the correct answer as it accurately describes the security enhancements added for OSPFv3.