ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7 All Questions

View all questions & answers for the NSE7 exam
Go to Exam

Exam NSE7 topic 1 question 50 discussion

Actual exam question from Fortinet's NSE7
Question #: 50
Topic #: 1
[All NSE7 Questions]

View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below. ike 0: comes 10.0.0.2:500->10.0.0.1:500, ifindex=7.... ike 0: IKEv1 exchange=Aggressive id=baf47d0988e9237f/2f405ef3952f6fda len=430 ike 0: in BAF47D0988E9237F2F405EF3952F6FDA0110040000000000000001AE0400003C0000000100000001000000300101000 ike 0:RemoteSite:4: initiator: aggressive mode get 1st response... ike 0:RemoteSite:4: VID RFC 3947 4A131c81070358455C5728F20E95452F ike 0:RemoteSite:4: VID DPD AFCAD71368A1F1C96B8696FC77570100 ike 0:RemoteSite:4: VID FORTIGATE 8299031757A36082C6A621DE000502D7 ike 0:RemoteSite:4: peer is FortiGate/Fortios (v5 b727) ike 0:RemoteSite:4: VID FRAGMENTATION 4048B7D56EBCE88525E7DE7F00D6C2D3 ike 0:RemoteSite:4: VID FRAGMENTATION 4048B7D56EBCE88525E7DE7F00D6C2D3C0000000 ike 0:RemoteSite:4: received peer identifier FQDN "˜remore' ike 0:RemoteSite:4: negotiation result ike 0:RemoteSite:4: proposal id = 1: ike 0:RemoteSite:4: protocol id = ISAKMP: ike 0:RemoteSite:4: trans_id = KEY_IKE. ike 0:RemoteSite:4: encapsulation = IKE/none ike 0:RemoteSite:4: type=OAKLEY_ENCRYPT_ALG, val=AES_CBC, key ""len=128 ike 0:RemoteSite:4: type=OAKLEY_HASH_ALG, val=SHA. ike 0:RemoteSite:4: type-AUTH_METHOD, val=PRESHARED_KEY. ike 0:RemoteSite:4: type=OAKLEY_GROUP, val=MODP1024. ike 0:RemoteSite:4: ISAKMP SA lifetime=86400 ike 0:RemoteSite:4: ISAKMP SA baf47d0988e9237f/2f405ef3952f6fda key 16: B25B6C9384D8BDB24E3DA3DC90CF5E73 ike 0:RemoteSite:4: PSK authentication succeeded ike 0:RemoteSite:4: authentication OK ike 0:RemoteSite:4: add INITIAL-CONTACT ike 0:RemoteSite:4: enc BAF47D0988E9237F405EF3952F6FDA081004010000000000000080140000181F2E48BFD8E9D603F ike 0:RemoteSite:4: out BAF47D0988E9237F405EF3952F6FDA08100401000000000000008C2E3FC9BA061816A396F009A12 ike 0:RemoteSite:4: sent IKE msg (agg_i2send): 10.0.0.1:500-10.0.0.2:500, len=140, id=baf47d0988e9237f/2 ike 0:RemoteSite:4: established IKE SA baf47d0988e9237f/2f405ef3952f6fda
Which statements about this debug output are correct? (Choose two.)

  • A. The remote gateway IP address is 10.0.0.1.
  • B. It shows a phase 1 negotiation.
  • C. The negotiation is using AES128 encryption with CBC hash.
  • D. The initiator has provided remote as its IPsec peer ID.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by tibrad4 at April 26, 2024, 8:27 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tibrad4
1 year, 2 months ago
B and D are correct, however there is a typo in the output that says "Remore" instead of Remote
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel