You work as a Security Manager for Tech Perfect Inc. You find that some applications have failed
to encrypt network traffic while ensuring secure communications in the organization. Which of the
following will you use to resolve the issue?
A.
SCP
B.
TLS
C.
IPSec
D.
HTTPS
Explanation:
In order to resolve the issue, you should use TLS (Transport Layer Security).
Transport Layer Security (TLS) is a cryptographic protocol that provides security and data integrity
for communications over networks such as the Internet. TLS and SSL encrypt the segments of
network connections at the Transport Layer end-to-end. Several versions of the protocols are in
wide-spread use in applications like web browsing, electronic mail, Internet faxing, instant
messaging, and voice-over-IP (VoIP). The TLS protocol, an application layer protocol, allows
client/server applications to communicate across a network in a way designed to prevent
eavesdropping, tampering, and message forgery. TLS provides endpoint authentication and
Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using
encryption and digital signing. It enhances the security of data as if an IPSec packet is captured,
its contents cannot be read. IPSec also provides sender verification that ensures the certainty of
(HTTPS) protocol is a protocol used in the Universal Resource Locater (URL) address line to
connect to a secure site. If a site has been made secure by using the Secure Sockets Layer (SSL)
is incorrect. The SCP (secure copy) protocol is a network protocol that supports file transfers. The
SCP protocol, which runs on port 22, is based on the BSD RCP protocol which is tunneled through
the Secure Shell (SSH) protocol to provide encryption and authentication. SCP might not even be
considered a protocol itself, but merely a combination of RCP and SSH. The RCP protocol
performs the file transfer and the SSH protocol performs authentication and encryption. SCP
protects the authenticity and confidentiality of the data in transit. It hinders the ability for packet
sniffers to extract usable information from the data packets.