The human resources (HR) department has developed a system to allow employees to enroll in
benefits via a web site on the corporate Intranet. Which of the following would protect the
confidentiality of the data?

A.
SSL encryption

B.
Two-factor authentication

C.
Encrypted session cookies

D.
IP address verification

Explanation:

The main risk in this scenario is confidentiality, therefore the only option which would provide
confidentiality is Secure Socket Layer (SSL) encryption. The remaining options deal with
authentication issues.