A company is hardening the connection between its public e-commerce website and the browsers of customers worldwide. The security team wants to ensure that any data exchanged is unreadable if intercepted, that the server's identity can be validated by the client, and that any unauthorized modification of packets is detected immediately. Which protocol BEST satisfies these goals?
Transport Layer Security provides end-to-end encryption for applications such as HTTP, validates the server (and optionally the client) through X.509 certificates, and includes message authentication codes to detect tampering. SSH also offers encryption, but it is designed for interactive sessions and port forwarding rather than directly protecting web traffic. PEM is only a text encoding for keys and certificates, not a protocol. IPsec can secure network traffic but is most commonly deployed for site-to-site or remote-access VPN tunnels, not for protecting individual web sessions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Transport Layer Security (TLS) and how does it work?
Open an interactive chat with Bash
What is an X.509 certificate, and why is it important in TLS?
Open an interactive chat with Bash
How does TLS differ from other protocols like SSH and IPsec?