FCSS – Enterprise Firewall Administrator 7.4 — Question 43
An administrator is setting up an ADVPN configuration and wants to ensure that peer IDs are not exposed during VPN establishment.
Which protocol can the administrator use to enhance security?
Answer options
- A. Use IKEv2, which encrypts peer IDs and prevents exposure.
- B. Opt for SSL VPN web mode because it does not use peer IDs at all.
- C. Choose IKEv1 aggressive mode because it simplifies peer identification.
- D. Stick with IKEv1 main mode because it offers better performance.
Correct answer: A
Explanation
The correct choice is A because IKEv2 encrypts peer IDs, so they are not disclosed during the VPN setup. Options B, C, and D do not enhance security in the same way: SSL VPN web mode does not address peer IDs, IKEv1 aggressive mode can compromise security, and IKEv1 main mode does not offer the same encryption benefits as IKEv2.