IKEv2 Preshared Key Authentication - Cisco CCIE Security Exam | YourSite

IKEv2 Preshared Key Authentication

Prev Question Next Question

Question

Which statement is true about IKEv2 preshared key authentication between two peers?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

IKEv2 (Internet Key Exchange version 2) is a protocol used for secure key exchange between two peers, typically for setting up a VPN connection. Preshared key authentication is one of the methods used in IKEv2 for authenticating the peers.

Preshared key authentication is a simple method of authentication in which the same secret key is shared between the two peers, and each peer uses this key to authenticate the other peer. The preshared key is a shared secret that is manually configured on both peers before they can establish a secure connection.

Now let's go through each answer option and see which statement is true:

A. IKEv2 allows usage of different preshared keys for local and remote authentication. This statement is false. IKEv2 does not allow the usage of different preshared keys for local and remote authentication. Both peers must use the same preshared key for mutual authentication.

B. IKEv2 allows usage of only one preshared key. This statement is true. IKEv2 allows the usage of only one preshared key for mutual authentication. This key must be manually configured on both peers and must be kept secret.

C. IKEv2 allows usage of only one preshared key and only in hub-and-spoke topology. This statement is false. IKEv2 allows the usage of only one preshared key, but it can be used in any topology, not just in hub-and-spoke topology.

D. IKEv2 does not allow the usage of preshared key authentication. This statement is false. IKEv2 does allow the usage of preshared key authentication as one of the authentication methods.

Therefore, the correct answer is B: "IKEv2 allows usage of only one preshared key."