Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?

A.
SFTP

B.
HTTPS

C.
TFTP

D.
TLS

Explanation:
SSL establishes a session using asymmetric encryption and maintains the session using symmetric encryption.
Incorrect Answers:
A: SFTP, Secure File Transfer Protocol, does not provide authentication and security; it expects the underlying protocol to secure this.
B: HTTPS, “HTTP over SSL/TLS”, it is not a protocol in and of itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the
SSL or TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.
C: TFTP, Trivial File Transfer Protocol, includes no login or access control mechanisms.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 76, 268-269, 274