___57___ is used to ensure the confidentiality, integrity and authenticity of the two end points in the private network. ___58___, an application-layer protocol, authenticates each peer in an IPSec transaction. IKE negotiates security policy, determining which algorithm may be used to set up the tunnel. It also handles the exchange of session keys used for that one transaction.
Networks that use ___59___ to secure data traffic can automatically authenticate devices by using by using ___60___, which verify the identities of the two users who are sending information back and forth. IPSec can be ideal way to secure data in large networks that require secure connections among many devices.
Users deploying IPSec can ___61___ their network infrastructure without affecting the applications on individual computer. The protocol suite is available as a software-only upgrade to the network infrastructure. This alows security to be implemented without costly changes to each computer. Most important, IPSec allows interoperability among different network devices, PCs and other computing systems.
61()
A. secure
B. relation
C. script
D. strict
参考答案:A
解析:
加密(Encryption)用来确保私用网络中两端点的保密性、完整性和认证性。因特网密钥交换(The Internet Key Exchange,IKE)是一个应用层协议,认证IPSec交易中的每个同级。IKE谈判安全政策,确定哪种算法可以用来建立隧道。它也处理用于那次交易的会话密钥的交流。
利用IPSec来确保数据流的网络,能通过使用数字证书(digital certificates)自动认证设备,这种证书验证两个来回发送信息的用户的身份。对在需要在很多设备之间安全连接的大型网络中确保数据安全,IPSec是一个理想的方法。
部署了IPSec的用户能确保其网络基础设施的安全(secure),而不会影响各台计算机上的应用程序。此套协议用做对网络基础设施的纯软件升级。这既允许实现安全性,又没有花什么钱对每台计算机进行改造。最重要的是,IPSec允许不同的网络设备、PC和其他计算系统之间实现互通。