Huawei Certified ICT Associate – Security (HCIA-Security) — Question 5

In the first stage of IKE negotiation, which of the following IKE exchange mode does not provide identity protection features?

Answer options

• A. Main Mode
• B. Aggressive Mode
• C. quick mode
• D. passive mode

Correct answer: B

Explanation

Aggressive Mode does not offer identity protection as it transmits the identity of the parties in clear text, making it vulnerable to eavesdropping. In contrast, Main Mode provides identity protection through its multi-message exchange process. Quick Mode is used for establishing the actual session keys after the initial negotiations, and Passive Mode is not a standard IKE exchange mode.