A company needs to receive data that contains personally identifiable information. The company requires both the transmission and data at rest to be encrypted.
Which of the following achieves this goal? (Select TWO).
A.
SSH
B.
TFTP
C.
NTLM
D.
TKIP
E.
SMTP
F.
PGP/GPG
Explanation:
We can use SSH to encrypt the transmission and PGP/GPG to encrypt the data at rest (on disk).
A: Secure Shell (SSH) is a cryptographic protocol that can be used to secure network communication. It establishes a secure tunnel over an insecure network.
F: Pretty Good Privacy (PGP) is a data encryption and decryption solution that can be used for signing, encrypting, and decrypting texts, e-mails, files, directories,
and whole disk partitions and to increase the security of e-mail communications.
Incorrect Answers:
B: TFTP (Trivial File Transfer Protocol) is used for transferring files. However, it offers no encryption capability.
C: NTLM (NT Lan Manager) is a Microsoft authentication mechanism used in older Windows operating systems. It is now superseded by Kerberos authentication.
NTLM does provide hashing but it does not provide encryption capability.
D: TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs (WLANs). TKIP is used with
WPA to secure wireless connection. However, TKIP on its own cannot encrypt the data or network connection.
E: SMTP (Simple Mail Transfer Protocol) is used to sending email. However, it offers no encryption capability.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 76, 145, 171, 256, 271, 272
http://en.wikipedia.org/wiki/Secure_Shell
http://en.wikipedia.org/wiki/Pretty_Good_Privacy