Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_SDW-7.2 Topic 1 Question 27 Discussion

Actual exam question for Fortinet's NSE7_SDW-7.2 exam
Question #: 27
Topic #: 1
[All NSE7_SDW-7.2 Questions]

Which two statements describe how IPsec phase 1 main mode id different from aggressive mode when performing IKE negotiation? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, C

by Marylyn at Jan 13, 2025, 12:35 PM

Limited Time Offer

25%

Off

Get Premium NSE7_SDW-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Arminda
22 days ago
I'm pretty sure A and D are the right answers, but who comes up with these strange IPsec acronyms anyway? IKE, Diffie Hellman, what is this, a secret agent convention?
upvoted 0 times
Eric
9 days ago
I think you're right, A and D make sense. And yeah, the acronyms can be pretty confusing.
upvoted 0 times
...
...
Sharika
26 days ago
B is a trick answer, XAuth is a separate authentication mechanism, not part of the IKE negotiation modes. I hope the real exam doesn't have as many distractors as this practice question!
upvoted 0 times
Casie
4 days ago
Yeah, B was definitely a tricky one. I agree, I hope the real exam is more straightforward.
upvoted 0 times
...
Farrah
6 days ago
C) Three packets are exchanged between an initiator and a responder instead of six packets.
upvoted 0 times
...
Nan
9 days ago
A) A peer ID is included in the first packet from the initiator, along with suggested security policies.
upvoted 0 times
...
...
Arlean
1 months ago
C is definitely wrong, that's not how the packet exchange works in either mode. Gotta love these tricky networking questions, always keeping you on your toes!
upvoted 0 times
Luisa
8 days ago
A) A peer ID is included in the first packet from the initiator, along with suggested security policies.
upvoted 0 times
...
An
11 days ago
I know, these questions can be tricky sometimes!
upvoted 0 times
...
Isadora
22 days ago
D) The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
upvoted 0 times
...
Carolann
26 days ago
A) A peer ID is included in the first packet from the initiator, along with suggested security policies.
upvoted 0 times
...
...
Mona
1 months ago
I'm not sure about XAuth, but I think D is incorrect because Diffie Hellman keys are used in both main and aggressive mode.
upvoted 0 times
...
Magnolia
1 months ago
I agree with Stevie, because in main mode the peer ID is included in the first packet and only three packets are exchanged.
upvoted 0 times
...
Stevie
1 months ago
I think the answer is A and C.
upvoted 0 times
...
Alecia
1 months ago
A and D are correct. Main mode is more secure but takes longer, while aggressive mode is faster but less secure. I still can't believe we need to remember all these IPsec details for the exam!
upvoted 0 times
Rolland
10 days ago
I know, it's a lot to remember for the exam!
upvoted 0 times
...
Edda
24 days ago
D) The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
upvoted 0 times
...
Reiko
26 days ago
A) A peer ID is included in the first packet from the initiator, along with suggested security policies.
upvoted 0 times
...
...

Save Cancel