312-50V11 · Question #290
The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronically over the Internet
The correct answer is A. Asymmetric. HTTPS uses asymmetric cryptography - a public/private key pair embedded in an SSL/TLS certificate - to secure the key exchange and encrypt data in transit. The certificate's public key encrypts and the server's private key decrypts, protecting sensitive data like credit card numb
Question
The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronically over the Internet. Customers visiting the site will need to encrypt the data with HTTPS. Which type of certificate is used to encrypt and decrypt the data?
Options
- AAsymmetric
- BConfidential
- CSymmetric
- DNon-confidential
How the community answered
(63 responses)- A95% (60)
- B3% (2)
- D2% (1)
Why each option
HTTPS uses asymmetric cryptography - a public/private key pair embedded in an SSL/TLS certificate - to secure the key exchange and encrypt data in transit. The certificate's public key encrypts and the server's private key decrypts, protecting sensitive data like credit card numbers.
Asymmetric cryptography relies on a mathematically linked public/private key pair; the SSL/TLS certificate contains the server's public key, which the client uses to encrypt the pre-master secret during the TLS handshake, and the server uses its private key to decrypt it. This mechanism secures the session establishment and protects sensitive e-commerce data such as credit card numbers transmitted over HTTPS.
'Confidential' is not a recognized certificate type or cryptographic classification in any PKI, SSL/TLS, or security standard.
Symmetric cryptography uses a single shared key for both encryption and decryption and is used for bulk data transfer after the TLS handshake is complete - it is not the certificate type that enables HTTPS encryption.
'Non-confidential' is not a defined certificate or cryptographic classification in any PKI framework or industry standard.
Concept tested: Asymmetric cryptography in SSL/TLS certificates for HTTPS
Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/encryption-overview
Topics
Community Discussion
No community discussion yet for this question.