A security administrator is configuring a web server to protect customer data traveling across the Internet. The administrator wants to ensure that attackers cannot read or modify the information while it moves between the client and server but is less concerned with the data once it is stored on disk. Which type of encryption meets this requirement?
Transport or communication encryption, most commonly implemented through protocols such as TLS or DTLS, establishes an encrypted channel between endpoints to protect confidentiality and integrity while data is in transit. Full-disk encryption safeguards the entire storage device only when it is powered off, database encryption protects database files at rest (for example, Transparent Data Encryption), and file-level encryption secures individual files or folders on storage. None of those alternatives automatically protect packets moving across a network, so they do not mitigate sniffing or man-in-the-middle attacks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is transport/communication encryption?
Open an interactive chat with Bash
How does TLS protect against sniffing and man-in-the-middle attacks?
Open an interactive chat with Bash
Why is full-disk encryption not suitable for protecting data in transit?