For the Security+ exam, you must know the characteristics of each of the symmetric algorithms, from when it is used to its key length. Remember, they will never ask you which key encrypts or decrypts, as the answer would always be the private key, also known as the shared key. Let us look at each of these in turn:
- Advanced Encryption Standard (AES): AES comes in three key strengths: 128, 192, and 256 bits. The AES is commonly used for L2TP/IPSec VPNs.
- Data Encryption Standard (DES): The DES groups data into 64-bit blocks, but for the purpose of the exam it is seen as a 56-bit key, making it the faster but weakest of the symmetric algorithms. This could be used for L2TP/IPSec VPNs, but is weaker than AES.
- Triple DES (3DES) ...