Recent data loss on financial servers due to security breaches forced the system administrator to harden
their systems. Which of the following algorithms with transport encryption would be implemented to
provide the MOST secure web connections to manage and access these servers?

A.
SSL

B.
TLS

C.
HTTP

D.
FTP

Explanation:
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic
protocols designed to provide communications security over a computer network. Transport Layer
Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will
replace SSL in the future. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL
Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0, 1.1, and
1.2, have them enabled by default.
Incorrect Answers:
A: As of 2014 the 3.0 version of SSL is considered insecure as it is vulnerable to the POODLE attack that
affects all block ciphers in SSL; and RC4, the only non-block cipher supported by SSL 3.0, is also feasibly
broken as used in SSL 3.0.
B: The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative,
hypermedia information systems. HTTP is not a transport protocol.D: The File Transfer Protocol (FTP) is not a transport layer protocol. FTP is a standard network protocol
used to transfer computer files from one host to another host over a TCP-based network, such as the
Internet.
FTP is built on a client-server architecture and uses separate control and data connections between the
client and the server.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 75, 268-269