nerdexam
EC-Council

312-50V10 · Question #174

Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols th

The correct answer is C. Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to. SSL/TLS uses asymmetric (public/private key pair) encryption during the handshake phase to authenticate the server and securely establish session keys.

Cryptography

Question

Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentially, data integrity, authentication, and non- repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Basic example to understand how cryptography works is given below:

Which of the following choices true about cryptography?

Options

  • AAlgorithm is not the secret; key is the secret.
  • BPublic-key cryptography, also known as asymmetric cryptography, public key is for decrypt,
  • CSecure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to
  • DSymmetric-key algorithms are a class of algorithms for cryptography that use the different

How the community answered

(40 responses)
  • A
    8% (3)
  • B
    3% (1)
  • C
    73% (29)
  • D
    18% (7)

Why each option

SSL/TLS uses asymmetric (public/private key pair) encryption during the handshake phase to authenticate the server and securely establish session keys.

AAlgorithm is not the secret; key is the secret.

While Kerckhoffs's principle ('the algorithm is not the secret; the key is the secret') is a recognized design principle, it is not a universally absolute rule - some proprietary systems do keep their algorithms secret, making this a best-practice guideline rather than an invariable fact.

BPublic-key cryptography, also known as asymmetric cryptography, public key is for decrypt,

In standard asymmetric cryptography, the public key is used to encrypt (or verify signatures) and the private key is used to decrypt (or sign) - this choice reverses that relationship, making it incorrect.

CSecure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) toCorrect

SSL/TLS relies on asymmetric encryption using a public/private key pair during the handshake to authenticate the server and securely exchange a symmetric session key. This use of asymmetric cryptography is a fundamental and verifiable design feature of SSL/TLS, enabling secure communication over untrusted public networks.

DSymmetric-key algorithms are a class of algorithms for cryptography that use the different

Symmetric-key algorithms use the same single shared key for both encryption and decryption - using different keys for each operation is the defining characteristic of asymmetric, not symmetric, algorithms.

Concept tested: SSL/TLS asymmetric encryption handshake mechanism

Source: https://learn.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview

Topics

#SSL#asymmetric encryption#key exchange#cryptography fundamentals

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice