nerdexam
CompTIA

SY0-301 · Question #83

Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?

The correct answer is B. HTTPS. HTTPS uses TLS/SSL, which employs a hybrid encryption model: asymmetric cryptography (e.g., RSA) is used during the TLS handshake to authenticate the server and securely exchange a session key, then symmetric encryption (e.g., AES) is used for the rest of the session because it i

General security concepts

Question

Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?

Options

  • ASFTP
  • BHTTPS
  • CTFTP
  • DTLS

How the community answered

(53 responses)
  • B
    94% (50)
  • C
    2% (1)
  • D
    4% (2)

Explanation

HTTPS uses TLS/SSL, which employs a hybrid encryption model: asymmetric cryptography (e.g., RSA) is used during the TLS handshake to authenticate the server and securely exchange a session key, then symmetric encryption (e.g., AES) is used for the rest of the session because it is far more efficient for bulk data transfer. SFTP (A) uses SSH for encryption, not this hybrid TLS model. TFTP (C) has no encryption at all. TLS (D) is the underlying protocol that enables this behavior, but HTTPS is the application-level protocol that is identified in practice as using this hybrid approach.

Topics

#TLS#asymmetric encryption#symmetric encryption#HTTPS

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice