Which of the following actions do NOT take place in IKE Phase 1?
A.
Peers agree on encryption method.
B.
Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key.
C.
Peers agree on integrity method.
D.
Each side generates a session key from its private key and peer’s public key.
During IKE Phase I:
The peers authenticate, either by certificates or via a pre-shared secret. (More authentication methods are available when one of the peers is a remote access client.)
A Diffie-Hellman key is created. The nature of the Diffie-Hellman protocol means that both sides can independently create the shared secret, a key which is known only to the peers.
Key material (random bits and other mathematical data) as well as an agreement on methods for IKE phase II are exchanged between the peers.
In terms of performance, the generation of the Diffie-Hellman Key is slow and heavy. The outcome of this phase is the IKE SA, an agreement on keys and methods for IKE phase II.
The keys created by peers during IKE phase II and used for IPsec are based on a sequence of random binary digits exchanged between peers, and on the DH key computed during IKE phase I.
https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/13847.htm