CompTIA Security+ (SY0-501) — Question 958
A system administrator is configuring a site-to-site VPN tunnel.
Which of the following should be configured on the VPN concentrator during the IKE phase?
Answer options
- A. RIPEMD
- B. ECDHE
- C. Diffie-Hellman
- D. HTTPS
Correct answer: C
Explanation
The correct answer is C, Diffie-Hellman, as it is a key exchange algorithm used to securely share keys during the IKE phase of a VPN setup. Options A, B, and D are not relevant to the IKE phase; RIPEMD is a hashing algorithm, ECDHE is for key agreement but not specifically configured in the IKE phase, and HTTPS is a protocol for secure communication over a network.