Comptia Security Plus Mock Test Q96

A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?

A. IPsec
B. SFTP
C. BGP
D. PPTP

Correct Answer: A
Section: Network Security

Explanation:
Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPSec protocol which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption makes use of 168 bit keys, 3 DES encryption algorithm and requires two levels of authentication.
L2TP has a number of advantages in comparison to PPTP in terms of providing data integrity and authentication of origin verification designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs at a slower pace than PPTP.

Incorrect Answers:
B: SFTP (Secure FTP) is not a VPN tunneling protocol. It is used for transferring files using the File Transfer Protocol over a secure connection. The connection is secured by using
SSH (Secure Shell).

C: BGP (Border Gateway Protocol) is a routing protocol, not a VPN protocol.

D: Point-To-Point-Tunneling Protocol (PPTP) is the most popularly VPN protocol and is supported by the most devices. PPTP stands for point to point protocol, is by far the easiest to configure and has low overhead that makes it faster than other VPN protocols. Firewalls such as ISA Server, Cisco PIX and Sonic Wall recognize the protocol. PPTP encrypts data using a 128-bit key which puts it in the “weakest” category of VPN protocols.

References:

The Differences Between PPTP, L2TP/IPSec, SSTP and OpenVPN Connection