A cybersecurity analyst is tasked with securing communication between internal servers and remote clients. Which of the following would BEST provide both confidentiality and integrity of the data while also validating the authenticity of the remote servers?
Using self-signed SSL/TLS certificates for the servers
Implementing symmetric key encryption for data-in-transit
Distributing SSH keys to the clients for server authentication
Deploying SSL/TLS certificates from a trusted Certificate Authority
SSL/TLS certificates issued by a PKI enable encrypted communications, providing confidentiality and integrity, and also authenticate the server's identity. This ensures that clients are communicating with the genuine server and not an imposter. Self-signed certificates might offer encryption, but they do not provide third-party validation of server identity. SSH keys are used primarily for securing remote logins, not for encrypting web traffic. Symmetric key encryption does not provide authentication of the server to clients, as the same key is used for both encryption and decryption.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are SSL/TLS certificates and how do they work?
Open an interactive chat with Bash
What is a Certificate Authority (CA) and why is it important?
Open an interactive chat with Bash
What is the difference between self-signed certificates and CA-issued certificates?