CISSP-ISSAP · Question #37
Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?
The correct answer is D. L2TP. L2TP (Layer 2 Tunneling Protocol) is correct because it is commonly paired with IPsec (as L2TP/IPsec) to provide VPN tunneling with certificate-based authentication - IPsec's IKE handshake supports X.509 digital certificates to mutually authenticate VPN endpoints. Why the distrac
Question
Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?
Options
- APPTP
- BSMTP
- CHTTPS
- DL2TP
How the community answered
(40 responses)- A3% (1)
- B8% (3)
- C15% (6)
- D75% (30)
Explanation
L2TP (Layer 2 Tunneling Protocol) is correct because it is commonly paired with IPsec (as L2TP/IPsec) to provide VPN tunneling with certificate-based authentication - IPsec's IKE handshake supports X.509 digital certificates to mutually authenticate VPN endpoints.
Why the distractors are wrong:
- A. PPTP is an older VPN protocol that relies on password-based authentication (MS-CHAPv2) and lacks native certificate support, making it less secure.
- B. SMTP is an email transfer protocol with no VPN functionality whatsoever.
- C. HTTPS uses certificates for securing web traffic, but it is not a VPN protocol - it secures individual HTTP sessions, not network tunnels.
Memory tip: Think "L2TP locks the tunnel" - the "L" stands for Layer 2, and when layered with IPsec, it gets the certificate-based authentication needed for enterprise VPNs. If a question mentions VPNs + certificates together, L2TP/IPsec is the pairing to remember.
Topics
Community Discussion
No community discussion yet for this question.