nerdexam
(ISC)2

CISSP-ISSAP · Question #37

Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?

The correct answer is D. L2TP. L2TP (Layer 2 Tunneling Protocol) is correct because it is commonly paired with IPsec (as L2TP/IPsec) to provide VPN tunneling with certificate-based authentication - IPsec's IKE handshake supports X.509 digital certificates to mutually authenticate VPN endpoints. Why the distrac

Infrastructure Security

Question

Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?

Options

  • APPTP
  • BSMTP
  • CHTTPS
  • DL2TP

How the community answered

(40 responses)
  • A
    3% (1)
  • B
    8% (3)
  • C
    15% (6)
  • D
    75% (30)

Explanation

L2TP (Layer 2 Tunneling Protocol) is correct because it is commonly paired with IPsec (as L2TP/IPsec) to provide VPN tunneling with certificate-based authentication - IPsec's IKE handshake supports X.509 digital certificates to mutually authenticate VPN endpoints.

Why the distractors are wrong:

  • A. PPTP is an older VPN protocol that relies on password-based authentication (MS-CHAPv2) and lacks native certificate support, making it less secure.
  • B. SMTP is an email transfer protocol with no VPN functionality whatsoever.
  • C. HTTPS uses certificates for securing web traffic, but it is not a VPN protocol - it secures individual HTTP sessions, not network tunnels.

Memory tip: Think "L2TP locks the tunnel" - the "L" stands for Layer 2, and when layered with IPsec, it gets the certificate-based authentication needed for enterprise VPNs. If a question mentions VPNs + certificates together, L2TP/IPsec is the pairing to remember.

Topics

#L2TP#Certificate authentication#VPN protocols#IPSec

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSAP Practice