Which of the following protocols uses a control channel over TCP and a GRE tunnel operating to
encapsulate PPP packets?

A.
PPTP

B.
ESP

C.
LWAPP

D.
SSTP

Explanation:

The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private

networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate
PPP packets. The PPTP specification does not describe encryption or authentication features and
relies on the PPP protocol being tunneled to implement security functionality. However, the most
common PPTP implementation, shipping with the Microsoft Windows product families, implements
various levels of authentication and encryption natively as standard features of the Windows PPTP
stack. The intended use of this protocol is to provide similar levels of security and remote access
as typical VPN products.
Answer option B is incorrect. Encapsulating Security Payload (ESP) is an IPSec protocol that
provides confidentiality, in addition to authentication, integrity, and anti-replay. ESP can be used
alone or in combination with Authentication Header (AH). It can also be nested with the Layer Two
Tunneling Protocol (L2TP). ESP does not sign the entire packet unless it is being tunneled.
Usually, only the data payload is protected, not the IP header.
Answer option D is incorrect. Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel
that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL
provides transport-level security with key-negotiation, encryption, and traffic integrity checking.
The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy
servers.SSTP servers must be authenticated during the SSL phase. SSTP clients can optionally
be authenticated during the SSL phase, and must be authenticated in the PPP phase. The use of
PPP allows support for common authentication methods, such as EAP-TLS and MS-CHAP. SSTP
is available in Windows Server 2008, Windows Vista SP1, and later operating systems. It is fully
integrated with the RRAS architecture in these operating systems, allowing its use with Winlogon
or smart card authentication, remote access policies, and the Windows VPN client.
Answer option C is incorrect. LWAPP (Lightweight Access Point Protocol) is a protocol used to
control multiple Wi-Fi wireless access points at once. This can reduce the amount of time spent on
configuring, monitoring, or troubleshooting a large network. This also allows network
administrators to closely analyze the network.