Which of the following uses an external certificate authority in a VPN1/FW1 implementation?
A.
IKE
B.
FWZ
C.
SKIP
Explanation:
: with IKE, you can set the key management either automatic or with an external PKI. IKE uses
tunneling mode encryption, it provides encryption of the original IP and TCP headers, and can be
used in VPN´s that use reserved IP addresses without needing address translation or proxying.
FWZ only supports automatic key management through the management server, it cannot use an
eternal PKI solution. Se e Page 7.17 of CCSE NG Official Courseware. (VPN1-FW1 Management
II NG FP-1).