CompTIA Security Plus Mock Test Q1123

A system administrator is setting up a file transfer server. The goal is to encrypt the user authentication and the files the user is sending using only a user ID and a key pair. Which of the following methods would achieve this goal?

A. AES
B. IPSec
C. PGP
D. SSH


Correct Answer: D
Section: Cryptography

Explanation:
With SSH you can use automatically generated public-private key pairs to encrypt a network connection, and then use password authentication to log on. Or you can use a manually
generated public-private key pair to perform the authentication, allowing users or programs to log in without having to specify a password.

Incorrect Answers:
A: AES is an algorithm used in symmetric key cryptography. Symmetric or secret-key ciphers use the same key for encrypting and decrypting. This means that there is only one key,
not a key pair.
B: IPSec provides secure authentication and encryption of data and headers for LAN-to-LAN connections.
C: Pretty Good Privacy (PGP) is mainly used for message encryption.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 91, 272
https://en.wikipedia.org/wiki/Secure_Shell
http://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard