ISC Exam Questions

What is NOT an authentication method within IKE and IPsec?

A. CHAP

B. Pre-shared key

C. Certificate-based authentication

D. Public key authentication

Explanation:
CHAP (Challenge Handshake Authentication Protocol) is not used within IKE and IPsec.

Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication (either pre-shared or distributed using DNS) and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived.

The purpose of IKE phase one is to establish a secure, authenticated communication channel by using the Diffie–Hellman key exchange algorithm to generate a shared secret key that encrypts further IKE communications. This negotiation results in a single bi-directional ISAKMP Security Association (SA). The authentication can be performed using either pre-shared key (shared secret), signatures, or public key encryption.
Incorrect Answers:
B: Pre-shared key is an authentication method that can be used within IKE and IPsec.
C: Certificate-based authentication is an authentication method that can be used within IKE and IPsec.
D: Public key authentication is an authentication method that can be used within IKE and IPsec.

https://en.wikipedia.org/wiki/Internet_Key_Exchange