CompTIA Security Plus Mock Test Q1002

Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?

A. SFTP
B. HTTPS
C. TFTP
D. TLS


Correct Answer: D
Section: Cryptography

Explanation:
SSL establishes a session using asymmetric encryption and maintains the session using symmetric encryption.

Incorrect Answers:
A: SFTP, Secure File Transfer Protocol, does not provide authentication and security; it expects the underlying protocol to secure this.
B: HTTPS, “HTTP over SSL/TLS”, it is not a protocol in and of itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL or TLS protocol,
thus adding the security capabilities of SSL/TLS to standard HTTP communications.
C: TFTP, Trivial File Transfer Protocol, includes no login or access control mechanisms.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 76, 268-269, 274