Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...


What is SSL and why is it not enough when it comes to encryption?



What is SSL and why is it not enough when it comes to encryption?..

Answer / chaitanya

SSL is identity verification, not hard data encryption. It is designed to be able to prove that the person you are talking to on the other end is who they say they are. SSL and its big brother TLS are both used almost everyone online, but the problem is because of this it is a huge target and is mainly attacked via its implementation (The Heartbleed bug for example) and its known methodology. As a result, SSL can be stripped in certain circumstances, so additional protections for data-in-transit and data-at-rest are very good ideas.

Is This Answer Correct ?    0 Yes 1 No

Post New Answer

More Computer Security Interview Questions

What is the Three-way handshake? How can it be used to create a DOS attack?

1 Answers  


On a Windows network, why is it easier to break into a local account than an AD account?

1 Answers  


 What is the Chain of Custody?

1 Answers  


Why would you bring in an outside contractor to perform a penetration test?

1 Answers  


You are an employee for a tech department in a non-management position. A high-level executive demands that you break protocol and allow him to use his home laptop at work. What do you do?

1 Answers  


What are the most common computer applications?

0 Answers  


 Why would you want to use SSH from a Windows pc?

1 Answers  


What is residual risk?

1 Answers  


What’s the difference between Symmetric and Asymmetric encryption?

1 Answers  


What’s better, a red team or a blue team?

1 Answers  


What is meant by computer application?

0 Answers  


1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?

0 Answers  


Categories
  • Computer Security Interview Questions Computer Security (58)
  • Mobile Security Interview Questions Mobile Security (9)
  • Hacking Interview Questions Hacking (33)
  • Security AllOther Interview Questions Security AllOther (4)