FCSS – Enterprise Firewall Administrator 7.6 — Question 5

You are setting up an ADVPN configuration and want to ensure that peer IDs are not exposed during VPN establishment.
Which protocol can the administrator use to enhance security?

Answer options

• A. Use SSL VPN tunnel mode with certificates.
• B. Use IKEv2, which encrypts peer IDs and prevents exposure.
• C. Use IKEv1 aggressive mode with certificates.
• D. Use IKEv1 main mode with AES-GCM security proposal.

Correct answer: B

Explanation

IKEv2 is designed to encrypt peer IDs, thereby preventing their exposure during the VPN establishment phase, making option B the correct choice. Options A, C, and D do not provide the same level of protection for peer IDs as IKEv2 does, thus they are not suitable for this requirement.