View all questions & answers for the NSE 7 - Enterprise Firewall 7.6 Administrator Exam Materials exam


Question 9 Discussion

During the last network migration, the IT department discovered that all zero phase selectors in phase 2 IPsec configurations impact network operations. What are two valid recommendations to prevent potential invalid paths during future migrations? (Choose two answers)

  • A. Configure routing protocols to specify allowed subnets over the tunnel.
  • B. Configure the VPN with the exact segments that will be encrypted in the phase two selectors.
  • C. Configure an IPsec aggregate to create redundancy between each firewall peer
  • D. Configure an IP address on the IPsec interface of each firewall to establish unique peer connections and avoid impacting network operations.
Correct Answer: A,B

Brave-Dump Clients Votes

AB 100%

Comments



Brave-Dumps Admin 2025-09-16 18:02:15

Selected Answers: A, B


EFW 7.6 Study Guide page 198

Adam 2026-01-18 06:16:43

Selected Answers: A, B


"all zero phase selectors" here means configuring phase 2 selectors to 0.0.0.0/0 (any) which may lead to invalid paths, so we either:
-> Keep phase 2 selectors as 0.0.0.0/0, and use dynamic routing, such as OSPF or BGP to advertise specific networks (option A)
-> Replace phase 2 selectors 0.0.0.0/0 (any) with more specific selectors (option B)