A security administrator wishes to protect session leys should a private key become discovered.
Which of the following should be enabled in IPSec to allow this?
A.
Perfect forward secrecy
B.
Key escrow
C.
Digital signatures
D.
CRL
Which of the following should be enabled in IPSec to allow this?
A security administrator wishes to protect session leys should a private key become discovered.
Which of the following should be enabled in IPSec to allow this?
A.
I agree it’s A.
Correct answer is A.
Forward secrecy is a property of any key exchange system, which ensures that if one key is compromised, subsequent keys will not also be compromised. Perfect forward secrecy occurs when this process is unbreakable.
Key escrow addresses the possibility that a third party may need to access keys.
Yup, it’s A.