Which phase of the IKE process uses a previously negotiated security association (SA) to encrypt
and authenticate?
A.
Phase 1
B.
Phase 2
C.
Phase 3
Explanation:
: In phase 2, the SA (Security association) negotiated in phase 1 is used by the peers to negotiate
an SA for encrypting the IPSEC traffic. Keys can be modified as often as required during a
connection lifetime by performing phase 2. Phase 2 provides additional security by refreshing the
keys to ensure the reliability of the SA´s and prevent a man-in-the-middle-attack. See Page 7.14
of CCSE NG Official Courseware. (VPN1-FW1 Management II NG FP-1) .