Which of the following are tunneling protocols used in a virtual private network (VPN)? Each correct answer represents a complete solution. Choose all that apply.

A.
L2TP

B.
SCP

C.
MD5

D.
PPTP

Explanation:
The tunneling protocols that are used in a virtual private network (VPN) are as follows:
Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. L2TP allows transfer of Point- to-Point Protocol (PPP) traffic between different networks. L2TP combines with IPSec to provide both tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol packets across IP networks.
The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP does not provide confidentiality or encryption. It relies on the protocol being tunneled to provide privacy. It is used to provide secure, low-cost remote access to corporate networks through public networks such as the Internet. Using PPTP, remote users can use PPP-enabled client computers to dial a local ISP and connect securely to the corporate network through the Internet. PPTP has been made obsolete by Layer 2 Tunneling Protocol (L2TP) and IPSec. Answer option B is incorrect. The SCP (secure copy) protocol is a network protocol that supports file transfers. The SCP protocol, which runs on port 22, is based on the BSD RCP protocol which is tunneled through the Secure Shell (SSH) protocol to provide encryption and authentication. SCP might not even be considered a protocol itself, but merely a combination of RCP and SSH. The RCP protocol performs the file transfer and the SSH protocol performs authentication and encryption. SCP protects the authenticity and confidentiality of the data in transit. It hinders the ability for packet sniffers to extract usable information from the data packets. Answer option C is incorrect. Message Digest 5 (MD5) is a cryptographic hash function designed by Ron Rivest. It has a 128-bit hash value. As an Internet standard (RFC 1321), MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. However, now that it is easy to generate MD5 collisions, it is possible for the person who created the file to create a second file with the same checksum, so this technique cannot protect against some forms of malicious tampering. In this case MD5 can only provide error-checking functionality. It will recognize a corrupt or incomplete download, which becomes more likely when downloading larger files. An MD5 hash is typically expressed as a 32 digit hexadecimal number.