Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA Security+ SY0-501 > Perfect Forward Secrecy 6.1 > Flashcards

Perfect Forward Secrecy 6.1 Flashcards

1
Q

Traditional Web Server Encryption

A

SSL/TLS uses encryption keys to protect web server communication. Traditionally this has been based on a private key stored on the web server. If you have a copy of the private key on the web server, and you’ve captured all the data, you can rebuild all of the conversations in a decrypted form. This is one point of failure for all of your web site encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Perfect Forward Secrecy (PFS)

A

In order to protect key exchange, you change the method of the key exchange. You don’t use the servers RSA key. (Don’t worry about RSA acronym) You can create keys on the fly. You can instead use Elliptic curve or Diffie-Hellman ephemeral keys. This means if someone captures all the data, they still could not decrypt it because they would not have the private key. PFS requires more computing power, so not all servers will use PFS. The browser must be able to support PFS, however most modern browsers do support it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CompTIA Security+ SY0-501 (134 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions