nerdexam
Exams101Questions#560
F5

101 · Question #560

101 Question #560: Real Exam Question with Answer & Explanation

The correct answer is A: X.509 Certificate. Mutual TLS/SSL authentication relies on X.509 digital certificates to cryptographically verify the identity of both the client and the server.

Question

What is used to provide mutual authentication for TLS/SSL?

Options

  • AX.509 Certificate
  • BAccess List
  • CShared Secret key
  • DMutually Trusted issuer

Explanation

Mutual TLS/SSL authentication relies on X.509 digital certificates to cryptographically verify the identity of both the client and the server.

Common mistakes.

  • B. Access lists filter network traffic based on IP addresses or ports and play no role in authenticating the identity of TLS/SSL endpoints.
  • C. A shared secret key is used in symmetric or pre-shared key scenarios, not in the certificate-based mutual authentication process that TLS/SSL requires for identity verification.
  • D. A mutually trusted issuer (Certificate Authority) is a prerequisite for certificate chain validation, but the mechanism that actually performs authentication is the X.509 certificate itself, not the concept of a trusted issuer alone.

Concept tested. TLS/SSL mutual authentication using X.509 certificates

Reference. https://www.rfc-editor.org/rfc/rfc5280

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 101 Practice