Which option can be used to authenticate the IPsec peers during IKE Phase 1?

Which option can be used to authenticate the IPsec peers during IKE Phase 1?

Which option can be used to authenticate the IPsec peers during IKE Phase 1?

A.
Diffie-Hellman Nonce

B.
pre-shared key

C.
XAUTH

D.
integrity check value

E.
ACS

F.
AH

Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfike.html
Encryption algorithm
56-bit DES-CBC, des, Default 56-bit DES-CBC
168-bit DES, 3des, Default 168-bit DES
Hash algorithm
SHA-1 (HMAC variant), sha, Default SHA-1
MD5 (HMAC variant), md5
Authentication method
RSA signatures, rsa-sig, Default RSA signatures
RSA encrypted nonces, rsa-encr
preshared keys, pre-share
Diffie-Hellman group identifier
768-bit Diffie-Hellman, 1, Default 768-bit Diffie-Hellman
1024-bit Diffie-Hellman, 2 Lifetime of the security association
Any number of seconds, Default 86400 seconds (one day)

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *