SK0-005 · Question #98
SK0-005 Question #98: Real Exam Question with Answer & Explanation
The correct answer is B: Server public key. When establishing an HTTPS connection, a web server distributes its server public key to clients, allowing them to encrypt data that only the server, with its corresponding private key, can decrypt.
Question
Which of the following PKI elements will a web server distribute to all of its clients using HTTPS?
Options
- ARoot CA public key
- BServer public key
- CRoot CA private key
- DServer private key
- EServer session key
Explanation
When establishing an HTTPS connection, a web server distributes its server public key to clients, allowing them to encrypt data that only the server, with its corresponding private key, can decrypt.
Common mistakes.
- A. While the Root CA's public key is essential for validating the server's certificate, it is typically already trusted and stored in the client's trust store, not explicitly distributed by the web server during each connection.
- C. The Root CA's private key is used to sign certificates and must be kept strictly confidential by the Certificate Authority; it is never distributed to clients.
- D. The server's private key is a secret component kept only by the server to decrypt data encrypted with its public key and to sign responses; it is never shared with clients.
- E. A server session key is a symmetric key generated after the initial handshake, often using the server's public key for initial secure exchange, and is unique to each session, not a static PKI element distributed.
Concept tested. HTTPS SSL/TLS handshake and public key distribution
Reference. https://learn.microsoft.com/en-us/windows/win32/secauthn/public-key-cryptography
Topics
Community Discussion
No community discussion yet for this question.