CISSP Question #411: Real Exam Question with Answer & Explanation
The correct answer is B: Ron Rivest Cipher 4 (RC4) encryption.
Question
Which of the following is the weakest form of protection for an application that handles Personally Identifiable Information (PII)?
Options
- A. Transport Layer Security (TLS)
- B. Ron Rivest Cipher 4 (RC4) encryption
- C. Security Assertion Markup Language (SAML)
- D. Multifactor authentication
Explanation
Ron Rivest Cipher 4 (RC4) encryption is the weakest form of protection for an application that handles Personally Identifiable Information (PII). RC4 is a stream cipher that uses a variable-length key to generate a pseudorandom keystream that is XORed with the plaintext. RC4 has been found to have several vulnerabilities, such as biases in the keystream, weak keys, and plaintext recovery attacks. RC4 is no longer considered secure and has been deprecated by many standards and protocols, such as TLS and WPA.