Implementing Cisco Secure Mobility Solutions (SIMOS, legacy) — Question 7

Which purpose of configuring perfect Forward secret is true?

Answer options

• A. For every negotiation of a new phase 1 SA, the two gateways generate a new set of phase 2 keys.
• B. For every negotiation of a new phase 2 SA, the two gateways generate a new set of phase 1 keys.
• C. For every negotiation of a new phase 1 SA, the two gateways generate a new set of phase 1 keys.
• D. For every negotiation of a new phase 2 SA, the two gateways generate a new set of phase 2 keys.

Correct answer: B

Explanation

The correct answer is B because perfect Forward secrecy involves generating new keys for each new phase 2 Security Association (SA), ensuring that past sessions remain secure even if long-term keys are compromised. Options A, C, and D misrepresent the key generation process related to phase 1 and phase 2 SAs.