CISSP Question #550: Real Exam Question with Answer & Explanation
The correct answer is A: Peer authentication. In SSL/TLS, asymmetric (public-key) cryptography is used during the handshake phase primarily for peer authentication and key exchange, while symmetric algorithms handle bulk data encryption.
Question
Asymmetric algorithms are used for which of the following when using Secure Sockets Layer/Transport Layer Security (SSL/TLS) for implementing network security?
Options
- A. Peer authentication
- B. Payload data encryption
- C. Session encryption
- D. Hashing digest
Explanation
In SSL/TLS, asymmetric (public-key) cryptography is used during the handshake phase primarily for peer authentication and key exchange, while symmetric algorithms handle bulk data encryption.
Common mistakes.
- B. Payload data encryption in SSL/TLS is performed by symmetric algorithms (e.g., AES), not asymmetric ones, because symmetric ciphers are far more efficient for encrypting large volumes of data.
- C. Session encryption uses symmetric algorithms such as AES negotiated during the handshake; asymmetric algorithms are too slow and resource-intensive to encrypt an entire session's traffic.
- D. Hashing digests in SSL/TLS are produced by cryptographic hash functions such as SHA-256, which are neither asymmetric nor symmetric algorithms but belong to a separate category of one-way hash functions.
Concept tested. SSL/TLS asymmetric cryptography role in authentication
Reference. https://learn.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview