Which of the following protocols uses the Internet key Exchange (IKE) protocol to set up security
associations (SA)?

A.
IPSec

B.
L2TP

C.
LEAP

D.
ISAKMP

Explanation:
ISAKMP (Internet Security Association and Key Management Protocol) is a protocol for
establishing Security Associations (SA) and
cryptographic keys in an Internet environment. It provides a framework for the negotiation and
management of security associations between
peers and traverses on UDP/500 port. ISAKMP defines the procedures for authenticating a
communicating peer, creation and management of
Security Associations, key generation techniques, and threat mitigation (e.g. denial of service and
replay attacks).
ISAKMP defines procedures and packet formats to establish, negotiate, modify, and delete Security
Associations. Security Associations contain
all information required for execution of various network security services, such as the IP layer
services (such as header authentication and
payload encapsulation), transport or application layer services, or self-protection of negotiation
traffic. ISAKMP defines payloads for
exchanging key generation and authentication data.
Answer option A is incorrect. Internet Protocol Security (IPSec) is a standard-based protocol that
provides the highest level of VPN security.
IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections
that use the L2TP protocol. It secures both
data and password.
IPSec cannot be used with Point-to-Point Tunneling Protocol (PPTP).
Answer option B is incorrect. Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-toPoint Tunneling Protocol (PPTP). It provides

tunneling, address assignment, and authentication. L2TP allows transfer of Point-to-Point Protocol
(PPP) traffic between different networks.
L2TP combines with IPSec to provide both tunneling and security for Internet Protocol (IP),
Internetwork Packet Exchange (IPX), and other
protocol packets across IP networks.
Answer option C is incorrect. LEAP (Lightweight Extensible Authentication Protocol) is a proprietary
wireless LAN authentication method
developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual
authentication between a wireless client and a
RADIUS server. LEAP allows clients to re-authenticate frequently. The clients get a new WEP key
upon each successful authentication.