nerdexam
F5

101 · Question #560

What is used to provide mutual authentication for TLS/SSL?

The correct answer is A. X.509 Certificate. Mutual TLS/SSL authentication relies on X.509 digital certificates to cryptographically verify the identity of both the client and the server.

Section 4: Security Basics

Question

What is used to provide mutual authentication for TLS/SSL?

Options

  • AX.509 Certificate
  • BAccess List
  • CShared Secret key
  • DMutually Trusted issuer

How the community answered

(41 responses)
  • A
    93% (38)
  • B
    2% (1)
  • C
    5% (2)

Why each option

Mutual TLS/SSL authentication relies on X.509 digital certificates to cryptographically verify the identity of both the client and the server.

AX.509 CertificateCorrect

X.509 certificates enable mutual authentication in TLS/SSL by requiring both parties to present a digital certificate signed by a trusted Certificate Authority, allowing each side to verify the other's identity using public-key cryptography. The certificate binds a public key to an identity and is validated through a chain of trust. This is the standard mechanism defined in TLS 1.2 and 1.3 for two-way certificate-based authentication.

BAccess List

Access lists filter network traffic based on IP addresses or ports and play no role in authenticating the identity of TLS/SSL endpoints.

CShared Secret key

A shared secret key is used in symmetric or pre-shared key scenarios, not in the certificate-based mutual authentication process that TLS/SSL requires for identity verification.

DMutually Trusted issuer

A mutually trusted issuer (Certificate Authority) is a prerequisite for certificate chain validation, but the mechanism that actually performs authentication is the X.509 certificate itself, not the concept of a trusted issuer alone.

Concept tested: TLS/SSL mutual authentication using X.509 certificates

Source: https://www.rfc-editor.org/rfc/rfc5280

Topics

#mutual authentication#TLS#SSL#X.509 certificate

Community Discussion

No community discussion yet for this question.

Full 101 Practice