SSCP Question #747: Real Exam Question with Answer & Explanation

The correct answer is C: L2TP works well with all firewalls and network devices that perform NAT.. This statement is FALSE, making it the correct answer. L2TP, when used with IPSec for security (L2TP/IPSec), has significant problems traversing NAT devices. IPSec's AH (Authentication Header) and ESP (Encapsulating Security Payload) authenticate packet headers, and NAT modifies

Submitted by anjalisingh· Apr 18, 2026Network and Communications Security

Question

One of the following statements about the differences between PPTP and L2TP is NOT true

Options

APPTP can run only on top of IP networks.
BPPTP is an encryption protocol and L2TP is not.
CL2TP works well with all firewalls and network devices that perform NAT.
DL2TP supports AAA servers

Explanation

This statement is FALSE, making it the correct answer. L2TP, when used with IPSec for security (L2TP/IPSec), has significant problems traversing NAT devices. IPSec's AH (Authentication Header) and ESP (Encapsulating Security Payload) authenticate packet headers, and NAT modifies those headers, causing authentication failures. Special NAT-T (NAT Traversal) extensions are needed to work around this. In contrast, PPTP (which uses GRE) is generally more NAT-friendly. The other statements are true: PPTP runs only over IP networks (A), PPTP includes built-in encryption via MPPE while L2TP does not (B), and L2TP does support AAA server integration (D).

Topics

#PPTP#L2TP#VPN Protocols#NAT compatibility

Community Discussion

No community discussion yet for this question.

Full SSCP Practice Browse All SSCP Questions