Please solve hte Question carefully.. Thanks 49- A corporation users TLS certifi

Question

Please solve hte Question carefully.. Thanks

49- A corporation users TLS certifications to create IPSec tunnels to connect multiple retail locations to the corporate headquarters. The company also utilizes OCSP. Some of the information transferred over the IPSec tunnels plain-text credit card data. Management is worried that a compromised private key might allow attackers to decrypt previously transmitted traffic and expose this credit card information in the future. Which of the following cryptographic concept would BEST mitigate this threat? A) Use SHA-1 as the hashing algorithm for the ISAKMP sessions. B) Use PFS on the IPSec tunnels. C) Use the strongest possible AES encryption on the IPSec tunnels D) Use an out-of - band key exchange to exchange the public key.

Explanation / Answer

Answer is B: perfect foward secrecy protects data in the transport layer of the TLS

Related Questions

Navigate

• Browse (All)
• Browse P
• Subjects

---