CWNP Exam Questions

Which of the following protocols uses the Internet Key Exchange (IKE) protocol to set up security associations (SA)?

A. L2TP

B. ISAKMP

C. IPSec

D. LEAP

Explanation:
ISAKMP (Internet Security Association and Key Management Protocol) is a protocol for establishing Security Associations (SA) and cryptographic keys in an Internet environment. It provides a framework for the negotiation and management of security associations between peers and runs over UDP port 500. ISAKMP defines the procedures for authenticating a communicating peer, creating and managing Security Associations, key generation techniques, and threat mitigation (e.g. denial of service and replay attacks). ISAKMP defines procedures and packet formats to establish, negotiate, modify, and delete Security Associations. Security Associations contain all information required for execution of various network security services, such as IP layer services (for example, header authentication and payload encapsulation), transport or application layer services, or self-protection of negotiation traffic. ISAKMP defines payloads for exchanging key generation and authentication data.

Answer option C is incorrect. Internet Protocol Security (IPSec) is a standards-based protocol that provides the highest level of VPN security. IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and passwords. IPSec cannot be used with Point-to-Point Tunneling Protocol (PPTP).

Answer option A is incorrect. Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. L2TP allows transfer of Point-to-Point Protocol (PPP) traffic between different networks. L2TP combines with IPSec to provide both tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol packets across IP networks.

Answer option D is incorrect. LEAP (Lightweight Extensible Authentication Protocol) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication between a wireless client and a RADIUS server. LEAP allows clients to re-authenticate frequently. The clients get a new WEP key upon each successful authentication.