View all questions & answers for the NSE 6 - Network Security 7.6 Support Engineer Materials exam


Question 20 Discussion

What can cause an IKEv2 tunnel to go down after it was initially brought up successfully? (Choose one answer)

  • A. A mismatched proposal was detected during the IKE_AUTH exchange.
  • B. A mismatched Diffie-Hellman group was detected during the IKE_SA_INIT exchange.
  • C. A mismatched pre-shared key was detected during the IKE_AUTH exchange.
  • D. Mismatched quick-mode selectors were detected during the Create_Child_SA exchange.
Correct Answer: D

Brave-Dump Clients Votes

D 75%
B 25%

Comments



Brave-Dumps Admin 2025-10-23 22:03:38

Selected Answers: B


Verified by Network Security Support Engineer Study Guide page 511

Fatma Salih 2026-01-13 12:42:07

Selected Answers: D


I think the answer is D. If there was a DH mismatch, the tunnel wouldn't come up in the 1st place.

Adam 2026-01-15 06:55:20

Selected Answers: D


IKEv2 exchanges:
1- IKE_SA_INIT exchange -> equivalent of IKEv1 phase1
2- IKE_Auth exchange -> authentication + first Child SA (equivalent of IKEv1 phase2 without DH Group)
3- Create_Child_SA exchange -> creates a new child SA or rekeys an existing child SA (with DH Group)
4- Informational exchange

As option B mentions DH Group mismatch in IKE_SA_INIT (phase1), then phase 1 won't be up initially to begin with, so option B should be wrong.

James 2026-01-24 21:53:26

Selected Answers: D


If the tunnel was initially brought up successfully, both of these phases must have succeeded.