JNCIA-SEC: Juniper Networks Certified Associate – Security — Question 33

Which statement is correct about IKE?

Answer options

• A. IKE phase 1 is used to establish the data path.
• B. IKE phase 1 only supports aggressive mode.
• C. IKE phase 1 establishes the tunnel between devices.
• D. IKE phase 1 negotiates a secure channel between gateways.

Correct answer: D

Explanation

The correct choice is D because IKE phase 1 is responsible for negotiating a secure and authenticated communication channel between the gateways. Option A is incorrect as phase 1 does not establish the data path directly, option B is wrong since IKE phase 1 supports both main and aggressive modes, and option C is misleading because it refers to the tunnel establishment, which occurs later in the process.