To establish IPsec site-to-site connections, which is essential for SA establishment?

Prepare for the Network Security (NETSEC) 3 Test with flashcards and multiple choice questions. Each question offers hints and explanations. Get exam-ready efficiently!

Multiple Choice

To establish IPsec site-to-site connections, which is essential for SA establishment?

Explanation:
IPsec site-to-site connections rely on mutual authentication during the IKE phase to establish the Security Association. The essential ingredient for this authentication is credentials exchanged between gateways, typically a pre-shared key (shared secret) or digital certificates issued by a trusted PKI. With valid credentials, the gateways can authenticate each other and derive shared keys to protect subsequent IPsec negotiations. Web server certificates are used for TLS/HTTPS rather than IPsec. A VPN client application is used for remote access by end users, not gateway-to-gateway site-to-site. A firewall rule alone can control traffic but does not perform the authentication or key exchange needed to establish SAs.

IPsec site-to-site connections rely on mutual authentication during the IKE phase to establish the Security Association. The essential ingredient for this authentication is credentials exchanged between gateways, typically a pre-shared key (shared secret) or digital certificates issued by a trusted PKI. With valid credentials, the gateways can authenticate each other and derive shared keys to protect subsequent IPsec negotiations. Web server certificates are used for TLS/HTTPS rather than IPsec. A VPN client application is used for remote access by end users, not gateway-to-gateway site-to-site. A firewall rule alone can control traffic but does not perform the authentication or key exchange needed to establish SAs.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy