PrepAway - Latest Free Exam Questions & Answers

What is NOT an authentication method within IKE and IPsec?

What is NOT an authentication method within IKE and IPsec?

PrepAway - Latest Free Exam Questions & Answers

A.
CHAP

B.
Pre shared key

C.
certificate based authentication

D.
Public key authentication

Explanation:
CHAP (Challenge Handshake Authentication Protocol) is not used within IKE and IPSec.Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPsec
protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication
– either pre-shared or distributed using DNS and a Diffie–Hellman key exchange – to set up a shared session
secret from which cryptographic keys are derived.
IKE phase one’s purpose is to establish a secure authenticated communication channel by using the Diffie–
Hellman key exchange algorithm to generate a shared secret key to encrypt further IKE communications. This
negotiation results in one single bi-directional ISAKMP Security Association (SA). The authentication can be
performed using either pre-shared key (shared secret), signatures, or public key encryption.
Incorrect Answers:
B: Pre-shared key is an authentication method that can be used within IKE and IPsec.
C: Certificate-based authentication is an authentication method that can be used within IKE and IPsec.
D: Public key authentication is an authentication method that can be used within IKE and IPsec.

https://en.wikipedia.org/wiki/Internet_Key_Exchange


Leave a Reply