Your company has performed a security audit. This audit uncovers that some of the encryption keys that secure the company business-to-business (B2B) financial transactions with its partners may be too weak. The security administrator needs to ensure that financial transactions will not be compromised if a weak encryption key is found. What should the security administrator implement?
A. Implement PFS on all VPN tunnels.
B. Implement PFS on all SSH connections.
C. Enable entropy on all SSLv2 transactions.
D. Implement AES256-CBC for all encrypted data.
A
Explanation: The security administrator should implement PFS on all VPN tunnels. This will ensure that the B2B financial transactions will not be comprised if a weak encryption key is found. Perfect forward secrecy (PFS) ensures that a session key derived from a set of long-term keys cannot be compromised if one of the long-term keys is compromised in the future.
None of the other options are correct. The B2B financial transactions should not use SSH connections. Entropy is the randomness collected by an application that is used in cryptography or other uses that require random data, which is often collected from hardware sources. AES256-CBC does not provide the same protection against compromise of a weak key as does PFS.
You might also like to view...
When a constructor function accepts no arguments, or does not have to accept arguments because of default arguments, it is called a(n)
a. empty constructor b. default constructor c. stand-alone function d. arbitrator function e. None of these
Why should you test your devices on physical devices? On multiple devices?
What will be an ideal response?
Each of the individual data items in a "structure" or single unit is an entity by itself that is referred to as a ____.
A. record B. union C. data structure D. data field
Editing View and the Reading View of Word Online serve different purposes. Describe some extra features of Editing View.
What will be an ideal response?