Yoav is a Security Administrator preparing to implement a VPN solution for his multi-site
organization. To comply with industry regulations, Yoav’s VPN solution must meet the following
requirements:
Portability: Standard
Key management: Automatic, external PKI
Session keys: Changed at configured times during a connection’s lifetime
Key length: No less than 128-bit
Data integrity: Secure against inversion and brute force attacks
What is the most appropriate setting Yoav should choose?
A.
IKE VPNs: AES encryption for IKE Phase 1, and DES encryption for Phase 2; SHA1 hash
B.
IKE VPNs: SHA1 encryption for IKE Phase 1, and MD5 encryption for Phase 2; AES hash
C.
IKE VPNs: CAST encryption for IKE Phase 1, and SHA1 encryption for Phase 2; DES hash
D.
IKE VPNs: AES encryption for IKE Phase 1, and AES encryption for Phase 2; SHA1 hash
E.
IKE VPNs: DES encryption for IKE Phase 1, and 3DES encryption for Phase 2; MD5 hash
Explanation: