Effective CISSP Questions

PPP connects a client to the network access server (NAS) using dialup POTS, ISDN, ADSL, etc. L2TP extends PPP and connects a client to a remote NAS over the packet switching network. Which of the following is incorrect? (Wentz QOTD)
A. L2TP tunnels PPP frames to the remote network access server.
B. L2TP data messages are retransmitted when packet loss occurs.
C. PPP can optionally authenticate clients to establish the connection.
D. PPP encapsulates multiprotocol packets sent across layer 2 point-to-point links.

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. L2TP data messages are retransmitted when packet loss occurs.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.

PPP Protocol Overview

According to RFC 1661, in the process of configuring, maintaining, and terminating the point-to-point link, the PPP link goes through several distinct phases which are specified in the following simplified state diagram:

   +------+        +-----------+           +--------------+
   |      | UP     |           | OPENED    |              | SUCCESS/NONE
   | Dead |------->| Establish |---------->| Authenticate |--+
   |      |        |           |           |              |  |
   +------+        +-----------+           +--------------+  |
      ^               |                        |             |
      |          FAIL |                   FAIL |             |
      +<--------------+             +----------+             |
      |                             |                        |
      |            +-----------+    |           +---------+  |
      |       DOWN |           |    |   CLOSING |         |  |
      +------------| Terminate |<---+<----------| Network |<-+
                   |           |                |         |
                   +-----------+                +---------+

L2TP Protocol Overview

   +-------------------+
   | PPP Frames        |
   +-------------------+    +-----------------------+
   | L2TP Data Messages|    | L2TP Control Messages |
   +-------------------+    +-----------------------+
   | L2TP Data Channel |    | L2TP Control Channel  |
   | (unreliable)      |    | (reliable)            |
   +------------------------------------------------+
   |      Packet Transport (UDP, FR, ATM, etc.)     |
   +------------------------------------------------+

   Figure 3.0 L2TP Protocol Structure

According to RFC 2661, Layer Two Tunneling Protocol (L2TP) utilizes two types of messages: control messages, which travel over a reliable control channel, and data messages, which travel over an unreliable data channel.

  • Control messages are used in the establishment, maintenance, and clearing of tunnels and calls. Control messages utilize a reliable Control Channel within L2TP to guarantee delivery. L2TP uses UDP port 1701.
  • Data messages are used to encapsulate PPP frames being carried over the tunnel. Data messages are not retransmitted when packet loss occurs. L2TP is often used with Internet Protocol Security (IPSec) to protect data in transit.
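The reliable/unreliable split above is visible in the L2TP header itself: the T bit distinguishes control messages (T=1, which RFC 2661 requires to carry the Length field and the Ns/Nr sequence numbers used for acknowledgement and retransmission) from data messages (T=0, which simply wrap a PPP frame). The following parser is an added example, not code from the post or from any L2TP implementation; the sample packets are constructed by hand, and the PPP payload bytes are illustrative only.

```python
import struct
from dataclasses import dataclass
from typing import Optional

# Flag bits in the first 16-bit word of the L2TP header (RFC 2661 section 3.1)
T_BIT = 0x8000   # 1 = control message, 0 = data message
L_BIT = 0x4000   # Length field present (mandatory for control messages)
S_BIT = 0x0800   # Ns/Nr sequence fields present (mandatory for control messages)
O_BIT = 0x0200   # Offset Size field present (must be 0 for control messages)
P_BIT = 0x0100   # Priority bit (data messages only)
VER_MASK = 0x000F  # L2TP version, must be 2


@dataclass
class L2TPHeader:
    is_control: bool
    length: Optional[int]
    tunnel_id: int
    session_id: int
    ns: Optional[int]
    nr: Optional[int]
    payload: bytes

    @property
    def reliable(self) -> bool:
        # Only the control channel acknowledges and retransmits (RFC 2661 section 5.8);
        # a lost data message is simply gone, exactly the point of answer B.
        return self.is_control


def _need(pkt: bytes, pos: int, n: int) -> None:
    if pos + n > len(pkt):
        raise ValueError("truncated L2TP header")


def parse_l2tp(pkt: bytes) -> L2TPHeader:
    """Parse one L2TP packet (the UDP payload) and validate the header flags."""
    _need(pkt, 0, 6)
    flags, = struct.unpack_from("!H", pkt, 0)
    if flags & VER_MASK != 2:
        raise ValueError(f"unsupported L2TP version {flags & VER_MASK}")
    is_control = bool(flags & T_BIT)
    has_len = bool(flags & L_BIT)
    has_seq = bool(flags & S_BIT)
    has_off = bool(flags & O_BIT)
    if is_control and not (has_len and has_seq):
        raise ValueError("control message must set the L and S bits")
    if is_control and (has_off or flags & P_BIT):
        raise ValueError("control message must not set the O or P bits")

    pos = 2
    length = None
    if has_len:
        _need(pkt, pos, 2)
        length, = struct.unpack_from("!H", pkt, pos)
        pos += 2
        if length > len(pkt):
            raise ValueError("Length field exceeds packet size")
    _need(pkt, pos, 4)
    tunnel_id, session_id = struct.unpack_from("!HH", pkt, pos)
    pos += 4
    ns = nr = None
    if has_seq:
        _need(pkt, pos, 4)
        ns, nr = struct.unpack_from("!HH", pkt, pos)
        pos += 4
    if has_off:
        _need(pkt, pos, 2)
        offset, = struct.unpack_from("!H", pkt, pos)
        pos += 2 + offset  # skip the offset pad
    end = length if length is not None else len(pkt)
    if pos > end:
        raise ValueError("header extends past the end of the message")
    return L2TPHeader(is_control, length, tunnel_id, session_id, ns, nr, pkt[pos:end])


# --- constructed sample packets (not captured traffic) ---
# A Zero-Length Body (ZLB) ACK: a control message consisting only of the header,
# used to acknowledge received control messages. T, L, S set; Ns=3, Nr=5.
CONTROL_ZLB_ACK = struct.pack("!HHHHHH", T_BIT | L_BIT | S_BIT | 2, 12, 9, 0, 3, 5)

# A data message for tunnel 9 / session 7 carrying a PPP frame: HDLC address/control
# 0xff 0x03, PPP protocol 0x0021 (IPv4), then the first bytes of an IPv4 header.
PPP_FRAME = b"\xff\x03\x00\x21\x45\x00\x00\x14"
DATA_MSG = struct.pack("!HHH", 2, 9, 7) + PPP_FRAME

# A malformed control message that omits Length and Ns/Nr: must be rejected.
BAD_CONTROL = struct.pack("!HHH", T_BIT | 2, 9, 0)


def classify(pkt: bytes) -> str:
    """One-line summary useful for a tunnel-monitoring rule."""
    h = parse_l2tp(pkt)
    kind = "control" if h.is_control else "data"
    seq = f" Ns={h.ns} Nr={h.nr}" if h.ns is not None else ""
    return f"{kind} tunnel={h.tunnel_id} session={h.session_id}{seq} reliable={h.reliable}"


if __name__ == "__main__":
    print(classify(CONTROL_ZLB_ACK))
    print(classify(DATA_MSG))
```

Running the module prints the control message with its sequence numbers and `reliable=True`, and the data message with `reliable=False`; feeding it `BAD_CONTROL` raises a `ValueError`, since a control message without sequence numbers has nothing the control channel could acknowledge or retransmit.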

Internet Protocol Security (IPSec)

IPSec uses the following IP protocol numbers and UDP ports:

  • IP protocol 50 for Encapsulating Security Payload (ESP)
  • IP protocol 51 for Authentication Header (AH)
  • UDP port 500 for IKE Phase 1 and Phase 2 negotiations
  • UDP ports 500 and 4500 for IKE Phase 1 and Phase 2 negotiations when NAT Traversal (NAT-T) is used


PPP uses dial-up POTS, ISDN, ADSL, etc. to connect the client to the network access server (NAS). L2TP extends PPP and connects the client to a remote NAS over a packet-switched network. Which of the following is incorrect? (Wentz QOTD)
A. L2TP tunnels PPP frames to the remote network access server.
B. L2TP data messages are retransmitted when they are lost.
C. PPP can optionally authenticate clients to establish the connection.
D. PPP encapsulates multiprotocol packets and sends them over layer 2 point-to-point links.
