CISSP · Question #460
Digital certificates used transport Layer security (TLS) support which of the following?
The correct answer is D. Non-reputation controls and data encryption. Digital certificates used in TLS provide non-repudiation controls through digital signatures and data encryption through key exchange mechanisms, supporting both authentication proof and confidentiality.
Question
Digital certificates used transport Layer security (TLS) support which of the following?
Options
- AServer identify and data confidentially
- BInformation input validation
- CMulti-Factor Authentication (MFA)
- DNon-reputation controls and data encryption
How the community answered
(21 responses)- B5% (1)
- C5% (1)
- D90% (19)
Why each option
Digital certificates used in TLS provide non-repudiation controls through digital signatures and data encryption through key exchange mechanisms, supporting both authentication proof and confidentiality.
While server identity verification is a function of TLS certificates, this answer pairs it with 'data confidentially' which is a misspelling and incomplete description compared to the more comprehensive answer D which includes non-repudiation controls.
Input validation is an application-layer security control used to prevent injection attacks and is not a function of digital certificates or TLS.
Multi-factor authentication is an identity verification method requiring multiple credential types and is not a direct function provided by TLS digital certificates.
Digital certificates in TLS provide non-repudiation through digital signatures that cryptographically bind a party to their communications, ensuring they cannot deny having participated. They also enable data encryption by facilitating the exchange of symmetric keys through public key cryptography, ensuring confidentiality of data in transit. Together, these represent the core security functions that TLS certificates are designed to support.
Concept tested: TLS digital certificate security functions and capabilities
Source: https://learn.microsoft.com/en-us/windows/win32/secauthn/tls-handshake-protocol
Topics
Community Discussion
No community discussion yet for this question.