CompTIA Security Plus Mock Test Q1060

Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers?

A. SSL
B. TLS
C. HTTP
D. FTP


Correct Answer: B
Section: Cryptography

Explanation:
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network.
Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL in the future. TLS 1.0 was first defined in RFC
2246 in January 1999 as an upgrade of SSL Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0, 1.1, and 1.2, have them enabled by
default.

Incorrect Answers:
A: As of 2014 the 3.0 version of SSL is considered insecure as it is vulnerable to the POODLE attack that affects all block ciphers in SSL; and RC4, the only non-block cipher
supported by SSL 3.0, is also feasibly broken as used in SSL 3.0.
B: The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is not a transport protocol.
D: The File Transfer Protocol (FTP) is not a transport layer protocol. FTP is a standard network protocol used to transfer computer files from one host to another host over a TCPbased
network, such as the Internet.
FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 75, 268-269