View all questions & answers for the NSE 7 - Enterprise Firewall 7.6 Administrator Exam Materials exam


Question 13 Discussion

You are setting up an ADVPN configuration and want to ensure that peer IDs are not exposed during VPN establishment. Which protocol can the administrator use to enhance security? (Choose one answer)

  • A. Use IKEv2, which encrypts peer IDs and prevents exposure.
  • B. Use IKEv1 main mode with AES-GCM security proposal.
  • C. Use IKEv1 aggressive mode with certificates.
  • D. Use SSL VPN tunnel mode with certificates.
Correct Answer: A

Brave-Dump Clients Votes

A 100%

Comments



Podb 2025-12-16 00:25:50

Selected Answers: A


A - correct
B- ike v1 in main mode yes, but AES-GCM only at ikev2
C - use clear text
D advpn only use ipsec

Adam 2026-01-18 07:29:34

Selected Answers: A


Study Guide mentions "In IKEv1 aggressive mode, peer IDs are unencrypted and exposed, creating a security risk. Conversely, IKEv1 main mode and IKEv2 ensure peer IDs are encrypted."

suite-b-gcm-128 & suite-b-gcm-256 are definitely supported with IKEv1, not sure if they were initially supported only with IKEv2 which seems like legacy info in the Study Guide.