CompTIA Security+ Certification (SY0-501): Practice Tests

Which of the following is generally a script planted by a disgruntled employee or other malicious actor that is set to execute at a certain time?

Options are :

  • Virus
  • Trojan horse
  • Logic bomb (Correct)
  • Adware

Answer : Logic bomb

Explanation A logic bomb is simply a script that is set to execute at a certain time. Logic bombs are usually created by rogue administrators or disgruntled employees.A virus is a piece of malicious software that must be propagated through a definite user action. A Trojan horse is a piece of software that seems to be of value to the user, but in reality is malware. Adware is usually annoying advertisements that come in the form of pop-up messages in a user?s browser.

Which of the following methods of strengthening weak keys involves taking a weak initial key and feeding it to an algorithm that produces an enhanced key, which is much stronger?

Options are :

  • Key streaming
  • Key repetition
  • Key exchange
  • Key stretching (Correct)

Answer : Key stretching

Explanation Key stretching is a technique used to change weak keys into stronger ones by feeding them into an algorithm to produce enhanced keys.Key streaming involves sending individual characters of the key through an algorithm and using mathematical XOR function to change the output. Key repetition is not a valid answer or term. Key exchange involves generating and exchanging a asymmetric key used for a particular communications session, or exchanging public keys in order to use them for public key cryptography.

Which the following is a recognized way of restricting access to applications?

Options are :

  • Whitelisting
  • Blacklisting (Correct)
  • Graylisting
  • Filtering

Answer : Blacklisting

Explanation Blacklisting is a technique that involves an administrator adding undesirable or restricted software or applications to a list on content filtering devices, in group policy, or through some other type of mechanism. This ensures that users are not allowed to download, install, or execute these particular applications.Whitelisting is the opposite of blacklisting; applications that users are allowed to download, install, and execute are added to a whitelist. There is no such term as graylisting. Filtering typically involves checking traffic on a network device based upon specific characteristics. The term normally does not apply to software or applications.

Which type of network intrusion detection system (NIDS) develops a baseline of normal traffic so it can detect deviations in this traffic that might indicate an attack?

Options are :

  • Rule-based system
  • Anomaly-based system (Correct)
  • Signature-based system
  • Filter-based system

Answer : Anomaly-based system

Explanation Anomaly-based systems detect unusual network traffic patterns based upon a baseline of normal network traffic.Rule-based systems use predefined rule sets. Signature-based systems use predefined traffic signatures that are typically downloaded from a vendor. Filter-based systems, such as routers and firewalls, base detection on access control lists that specify traffic that is permitted and denied.

Which of the following types of network-connected systems can manage heating, ventilation, and air-conditioning controls?

Options are :

  • Minicomputers
  • Embedded hosts
  • Supervisory control and data acquisition (Correct)
  • Mainframes

Answer : Supervisory control and data acquisition

Explanation Supervisory control and data acquisition (SCADA) systems are used to control and manage heating, ventilation, air-conditioning, and other types of industrial and environmental systems.Minicomputers are antiquated computers that performed advanced tasks in the place of mainframe systems and are no longer widely in use. Although some SCADA systems could be embedded, embedded hosts normally refer to systems that have operating systems burned into their computer chips. Mainframe systems normally do not control industrial types of systems, such as heating, ventilation, and air-conditioning.

Which of the following uses a management information base (MIB) to provide detailed device-specific information to a central management console?

Options are :

  • SMTP
  • SNMP (Correct)
  • Syslog
  • ACL

Answer : SNMP

Explanation The Simple Network Management Protocol (SNMP) uses a management information base, or MIB, specific to each device and from which device information can be obtained.SMTP, the Simple Mail Transport Protocol, is responsible for sending e-mail. Syslog is a log server found in UNIX and Linux systems. An access control list (ACL) resides on network devices and filters traffic coming into and out of a device.

Which type of assessment is used to determine weaknesses within a system?

Options are :

  • Vulnerability assessment (Correct)
  • Threat assessment
  • Risk assessment
  • Penetration test

Answer : Vulnerability assessment

Explanation A vulnerability assessment looks for weaknesses in systems.A threat assessment looks at events that could exploit vulnerabilities. A risk assessment is a combination of assessments and is designed to assess factors, including likelihood and impact, that affect an asset. A penetration test actually attempts to exploit any found weaknesses (usually after a vulnerability assessment) to gain access to systems.

What is the biggest difference between EAP-TLS and EAP-TTLS?

Options are :

  • EAP-TTLS needs server and client certifcates; EAP-TLS only needs server certifcates.
  • EAP-TTLS can use unsigned certifcates; EAP-TLS must have third-party signed certificates.
  • EAP-TLS can use unsigned certifcates; EAP-TTLS must have third-party signed certificates.
  • EAP-TLS needs server and client certifcates; EAP-TTLS only needs server certifcates. (Correct)

Answer : EAP-TLS needs server and client certifcates; EAP-TTLS only needs server certifcates.

Explanation EAP-TLS needs server and client certifcates; EAP-TTLS only needs server certifcates.The EAP standard does not define the use of signed or unsigned certificates, although most implementations require signed certificates.

Which of the following enables a user to provide one set of credentials to the system and use those credentials throughout other interconnected systems?

Options are :

  • Multifactor authentication
  • Single-factor authentication
  • Single sign-on (Correct)
  • Pass-through authentication

Answer : Single sign-on

Explanation Single sign-on is a method of authentication that enables a user to provide one set of credentials and use them throughout an interconnected network. Both Kerberos and Sesame protocols allow single sign-on.Multifactor authentication refers to the use of several different factors to authenticate to a system, such as something you know, something you are, and something you have. Multifactor authentication can be used in a single sign-on environment but is not necessarily required. Single-factor authentication uses only one factor, such as something you know, to authenticate to a system. It can also be used in a single sign-on environment but is not required. Pass-through authentication can appear to be similar to single sign-on, but it requires all individual systems simply to accept credentials passed from another system without a unified approach.

All of the following are characteristics of the RADIUS authentication protocol, EXCEPT:

Options are :

  • RADIUS encrypts user passwords during the authentication process.
  • RADIUS accepts earlier forms of authentication protocols, such as PAP.
  • RADIUS uses UDP port 1812.
  • RADIUS uses TCP port 1812. (Correct)

Answer : RADIUS uses TCP port 1812.

Explanation RADIUS does not use TCP.All of these are characteristics of the RADIUS protocol.

Which of the following security controls allows connectivity to a network based on the system?s hardware address?

Options are :

  • WEP encryption
  • MAC address filtering (Correct)
  • Disabling SSID broadcast
  • WPA2 encryption

Answer : MAC address filtering

Explanation Filtering by the MAC address ensures that only specific systems can access the wireless network based on the MAC address generally presented by the network card. That address is added into a list of systems that can connect (or not).Encryption technologies cannot stop specific systems from entering the network on its own. Disabling the SSID broadcast cannot stop systems from connecting if they determine the SSID through other means.

Which of the following DES/AES encryption modes is considered the weakest?

Options are :

  • ECB (Correct)
  • CBC
  • OFB
  • CTR

Answer : ECB

Explanation With ECB mode, a given piece of plaintext will always produce the same corresponding piece of ciphertext. This predicability makes it weak.While CBC, OFB, and CTR mode go about the processes in different ways, these modes lack ECB's predicability, adding strength to the underlying cryptosystem.

Which of the following can cause a successful attack on a system when a user enters malicious code or characters into a form field on a Web application?

Options are :

  • Lack of restrictive permissions on the Web form
  • Lack of input validation (Correct)
  • Lack of adequate memory in a buffer
  • Lack of properly formatted HTML

Answer : Lack of input validation

Explanation A lack of input validation in the Web form field may allow certain types of attacks to take place when a user enters malicious or incorrect characters in the form.Permissions do not affect the quality or type of input in the field, only who can access and perform actions on the form. Adequate memory in a buffer cannot perform input validation functions. Properly formatted HTML cannot perform input validation on a form field.

Which of the following fire suppression chemicals was banned in 1987 and can no longer be used in data centers?

Options are :

  • Water
  • Halon (Correct)
  • Carbon dioxide
  • FM-200

Answer : Halon

Explanation Halon is a dangerous chemical that was previously used in data centers to suppress fires. However, it was banned in 1987 because it is also dangerous to human beings.Water is still used to combat certain classes of fires. Carbon dioxide is used to combat both liquid and electrical fires. FM-200 has generally replaced Halon in data center fire suppression systems.

All of the following types of social engineering attacks might go undetected by the victim, except:

Options are :

  • Shoulder surfing
  • Tailgating
  • Dumpster diving
  • Coercion (Correct)

Answer : Coercion

Explanation Coercion attacks generally require direct confrontation with the victim, so they are usually detected.All of these attacks may go undetected by the victim, because they may not require any direct interaction with the target and can be performed subtly by the attacker without the victim noticing.

An attack in which an attacker attempts to disconnect a victim?s wireless host from its access point is called a(n) __________.

Options are :

  • Spoofing
  • Deauthentication attack (Correct)
  • Replay attack
  • Initialization vector attack

Answer : Deauthentication attack

Explanation A deauthentication attack involves sending specially-crafted traffic to both a wireless client and an access point, in the hopes of causing them to deauthenticate with each other and disconnect.A spoofing attack involves impersonating a wireless client or access point, either through its IP or MAC address. A replay attack involves the reuse of intercepted non-secure credentials to gain access to a system or network. Initialization vector (IV) attacks involve attempting to break WEP keys by targeting their weak IVs.

Which of the following algorithms won the U.S. government?sponsored competition to become the Advanced Encryption Standard (AES)?

Options are :

  • Blowfish
  • Twofish
  • Rijindael (Correct)
  • RC4

Answer : Rijindael

Explanation Rijindael was selected as the winner of the NIST competition and became the U.S. government?s Advanced Encryption Standard (AES).Twofish, another symmetric algorithm, was one of the five finalists for the competition, but it did not win. Blowfish is also symmetric algorithm, but was not considered in the competition to be the AES. RC4 is a symmetric streaming cipher commonly seen in WEP and SSL implementations. It was not one of the finalists involved in the AES competition.

Which of the following policy settings prevent a user from rapidly changing passwords and cycling through his or her password history to reuse a password?

Options are :

  • Password history
  • Maximum password age
  • Minimum password age (Correct)
  • Password complexity

Answer : Minimum password age

Explanation The minimum password age setting is used to force users to use a password for a minimum amount of time before they are allowed to change it. This prevents them from rapidly cycling through the password history to reuse an older password.Password history simply records a previous number of passwords, so that they cannot be reused in the system. The maximum password age is used to expire a password after a certain time period. Password complexity enforces the use of longer password lengths and character spaces, increasing password strength.

You have received reports that a number of hosts in your company's internal network are sluggish and unresponsive. After troubleshooting other items, you decide to use a sniffer to examine the network traffic coming into the host. You see that massive amounts of ICMP broadcasts are being sent on the network. The switch is having trouble processing all of this traffic, due to repeated ICMP replies, causing it to slow down. Which of the following is the most likely explanation for this?

Options are :

  • Flood attack (Correct)
  • Malware attack
  • Man-in-the-middle attack
  • Phishing attack

Answer : Flood attack

Explanation A flood is a type of network attack based upon confusing a switch with ICMP traffic.Malware would not cause a large volume of ICMP segments to be sent to a host. A man-in-the-middle attack attempts to break into an existing communications session, and is not a denial-of service attack. A phishing attack is a form of social engineering attack using e-mail.

Which of the following terms indicates the length of time a device is expected to last in operation, and only a single, definitive failure will occur and will require that the device be replaced rather than repaired?

Options are :

  • Mean time between failures
  • Mean time to recovery
  • Mean time to failure (Correct)
  • Mean time to replace

Answer : Mean time to failure

Explanation The mean time to failure (MTTF) is the length of time a device is expected to last in operation. In MTTF, only a single, definitive failure will occur and will require that the device be replaced rather than repaired.Mean time between failures (MTBF) represents the manufacturer?s best guess (based on historical data) regarding how much time will pass between major failures of that component. This assumes that more than one failure will occur, which means that the component will be repaired, rather than replaced. Mean time to recovery (MTTR) is the amount of time it takes for a hardware component to recover from failure. Mean time to replace is not a valid term.

What is the second step in the incident response life cycle?

Options are :

  • Containment, eradication, and recovery
  • Preparation
  • Post-incident activity
  • Detection and analysis (Correct)

Answer : Detection and analysis

Explanation Detection and analysis is the second step of the incident response life cycle.In order, the steps of the incident response life cycle are preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity.

Which of the following statements best describes the relationship between the elements of risk?

Options are :

  • Threat actors initiate vulnerabilities.
  • Threats exploit vulnerabilities. (Correct)
  • Threats cause impact to vulnerabilities.
  • Threat actors create vulnerabilities in assets.

Answer : Threats exploit vulnerabilities.

Explanation Threats exploit vulnerabilities.The relationship between the elements of risk are as follows: threat actors initiate threats, which in turn exploit vulnerabilities.

During which stage of a secure development model would you normally find steps such as secure code review, fuzzing, and vulnerability assessments?

Options are :

  • Security testing (Correct)
  • Secure design
  • Security requirements
  • Secure implementation

Answer : Security testing

Explanation During the secure testing phase of the secure software development model, software is measured or tested against security, functional, and performance requirements. This may include secure code review, application fuzzing, and vulnerability assessments, as well as penetration testing.In the secure design stage, different security functionality is designed into the application. In the security requirements stage, requirements for different security functions are determined. During secure implementation of software, security requirements are validated as implemented in the application.

Which of the following utilities are specifically used to diagnose DNS issues? (Select Two)

Options are :

  • dig (Correct)
  • Nmap
  • Kali
  • nslookup (Correct)
  • ping

Answer : dig nslookup

Explanation Both dig and nslookup are designed to query DNS servers.One might argue that Nmap and ping might be used to diagnose DNS, but neither of them are specifically for DNS queries. Kali is a Linux distro, not a utility.

Which of the following describe a false reject rate? (Choose two.)

Options are :

  • The error caused from rejecting someone who is in fact an authorized user (Correct)
  • Type I error (Correct)
  • The error caused when an unauthorized user is validated as authorized
  • Type II error

Answer : The error caused from rejecting someone who is in fact an authorized user Type I error

Explanation A false reject rate (FRR) is the error caused from rejecting an authorized user; it is also called a Type I error.A false acceptance rate (FAR) is the error caused when an unauthorized user is validated as authorized, also referred to as a Type II error.

Which of the following access control models enables a person who creates or owns objects to define permissions to access those objects?

Options are :

  • Mandatory access control model
  • Rule-based access control model
  • Role-based access control model
  • Discretionary access control model (Correct)

Answer : Discretionary access control model

Explanation Discretionary access control enables a user who has created or owns an object, such as a file or folder, the discretion to assign permissions for that object to anyone they choose.Mandatory access control models use labels and security clearances to grant access to objects. Rule-based access control models use a specific set of rules that control the interaction between users and objects. Role-based access control models use defined roles with specific rights and permissions assigned to those roles to control access to objects.

During which type of assessment would penetration testers not have any knowledge about the network and network defenders have no knowledge of the test itself?

Options are :

  • Black box test
  • Blind test
  • Double-blind test (Correct)
  • Gray box test

Answer : Double-blind test

Explanation In a double-blind test, testers have no prior knowledge of the network they are testing, and network defenders have no prior knowledge of the test and aren?t aware of any attacks unless they can detect and defend against them. This test is designed to test the defenders? abilities to detect and respond to attacks and to test and exploit vulnerabilities on the network.In a black box test, only the testers have no knowledge of details about this network configuration. This type of test is also referred to as a blind test. In a gray box test, the penetration tester may have some limited knowledge of the network or systems, gained from the organization that wants the test.

Which of the following processes is concerned with validating credentials?

Options are :

  • Authorization
  • Authentication (Correct)
  • Auditing
  • Accountability

Answer : Authentication

Explanation Authentication is the process of validating that a user?s credentials are authentic, after the user has presented them through the identification process.Authorization is the process of controlling access to resources through methods that include permissions, rights, and privileges. Auditing is the process of reviewing logs and other audit trails to determine what actions have been performed on systems and data. Accountability uses auditing to ensure that users are traced to and held responsible for their actions.

Your organization is concerned that employees might e-mail proprietary information to themselves at their private addresses. Which of the following would be most effective at catching that particular effort?

Options are :

  • Antispam filter
  • Content filter (Correct)
  • Caching proxy server
  • Firewall

Answer : Content filter

Explanation Content filters can scan content as it leaves the network, checking for certain types of content that has been pre-specified within the software.The other choices are incorrect because those technologies will not content-filter messages. Antispam filters are used to catch and quarantine spam messages. Caching proxy servers are used to cache, or store, messages for speedy retrieval in the future. Firewalls help control and block (when necessary) network traffic at the ingress and egress points.

Which of the following methods of log management involves visiting each individual host to review its log files?

Options are :

  • Centralized
  • SIEM
  • Decentralized (Correct)
  • Syslog

Answer : Decentralized

Explanation Decentralized log management means that logs are managed and reviewed on a host-by-host basis, rather than as a centralized, consolidated group.Centralized log management involves collecting logs from across the network into a system and reviewing then as a group. Security Information Event Management (SIEM) is a centralized method of obtaining logs and other data from disparate devices across a network. Syslog is a logging tool found in UNIX and Linux systems, which can be used either on a centralized or decentralized basis.

You are trying to determine the appropriate level of high availability for a server. The server must be available on a constant basis, and downtime in a given year cannot exceed 1 hour. It normally takes you about 45 minutes to bring down and restart the server for maintenance. Which of the following reflects the level of availability you require?

Options are :

  • 99.999 percent availability
  • 99.9 percent availability
  • 99.99 percent availability (Correct)
  • 99 percent availability

Answer : 99.99 percent availability

Explanation 99.99 percent availability accounts for 52 minutes of downtime per year.99.999 percent availability allows only 5.26 minutes of downtime per year, which may not be enough if the server requires almost an hour of maintenance time. 99.9 percent availability equates to more than 8 hours of downtime per year and exceeds the stated requirement. 99 percent availability is more than 3 days of downtime per year, far exceeding the requirement for no more than 1 hour of downtime.

Which of the following ports would be most likely to allow secure remote access into a system within a data center?

Options are :

  • UDP port 53
  • TCP port 1701 (Correct)
  • UDP port 123
  • TCP port 443

Answer : TCP port 1701

Explanation L2TP aligns to TCP port 1701, allowing secure remote access to a system through a VPN connection.UDP port 53 aligns to the Domain Name Service (DNS), UDP port 123 is used by Network Time Protocol (NTP) services, and TCP port 443 is used by HTTP over SSL.

Which of the following secure protocols protects traffic during transmission and uses TCP port 443? (Choose two.)

Options are :

  • SCP
  • SSH
  • TLS (Correct)
  • SSL (Correct)
  • TFTP

Answer : TLS SSL

Explanation Both Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols are used to encrypt traffic sent over untrusted networks, such as the Internet. Both use TCP port 443.SCP is part of the SSH protocol suite and is used to copy files securely from one host to another. SSH is a protocol used to connect to and administer hosts remotely. Both SCP and SSH use TCP port 22. UDP uses UDP port 69 and is totally unsecure.

All of the following are valid methods to secure static hosts in an organization, except:

Options are :

  • Layered security
  • Network segmentation
  • Application level firewalls
  • User-dependent security (Correct)

Answer : User-dependent security

Explanation The organization should not depend solely upon the users to manage security and static devices, because these devices can be managed just as traditional hosts and network devices are.These are all valid methods of securing static hosts in an organization.

Wissa is updating a printer driver on a Windows system. She downloads the latest driver from the manufacturer's Web site. When installing the driver, Windows warns that the driver is unsigned. To which of the following threats is Wissa exposing her system?

Options are :

  • Man-in-the-middle
  • Version control
  • Refactoring (Correct)
  • Shimming

Answer : Refactoring

Explanation A refactored driver will work correctly, but might also perform other, malicious actions.Man-in-the-middle might be a result of the refactor, but is not the threat itself. Version control refers to formally tracking different versions of the baseline configuration. Shimming is a library that responds to inputs that the original device driver isn?t designed to handle and would require a separate file.

Which of the following types of factors could be used to describe a fingerprint-based method of logging in and authenticating to a touchscreen device?

Options are :

  • Something you know.
  • Something you have.
  • Something you are. (Correct)
  • Something you do.

Answer : Something you are.

Explanation This is an example of "something you are," like any biometric factor, such as a fingerprint or retinal eye pattern.An example of ?something you know? would be a password or PIN. ?Something you have? would include a token or smart card. ?Something you do? would be considered swiping a pattern like a pattern unlock on a cell phone.

Which of the following technologies allows devices to communicate with each other at very close range through radio signals by using a special chip implanted in the device, and may be vulnerable to eavesdropping and man-in-the-middle attacks?

Options are :

  • 802.11 wireless
  • Bluetooth
  • Near-field communication (NFC) (Correct)
  • Infrared

Answer : Near-field communication (NFC)

Explanation Near-field communication is enables devices to send very low-power radio signals to each other by using a special chip implanted in the device. This technology requires that the devices be extremely close or even touching each other. This technology is used for a wide variety of applications, including payments through NFC-enabled smartphones.Neither 802.11 wireless nor Bluetooth technologies are used in this manner. Infrared does not use radio frequency technology; it enables communications between devices using a beam of light.

Which of the following is an application designed to create and initiate files on a host to provide a fully functional virtual machine?

Options are :

  • Host operating system
  • Hypervisor (Correct)
  • Guest operating system
  • Load balancer

Answer : Hypervisor

Explanation A hypervisor, also called a virtual machine monitor, is application software responsible for creating and managing virtual machines and their associated files on a host.The host operating system does not create or manage virtual machines; it merely shares resources with them. The guest operating system is the virtual machine itself and is managed by a hypervisor. A load balancer is other software or a hardware appliance responsible for balancing user requests and network traffic among several different physical or virtualized hosts.

How many rounds does DES perform when it encrypts plaintext?

Options are :

  • 16 (Correct)
  • 32
  • 64
  • 128

Answer : 16

Explanation DES uses 16 rounds of encryption.DES does not use 32,64, or 128 rounds of encryption or decryption processes.

Which of the following secure e-mail protocols is carried over an SSL or TLS connection and uses TCP port 993?

Options are :

  • SMTP
  • POP3
  • IMAPS (Correct)
  • IMAP4

Answer : IMAPS

Explanation IMAPS (secure IMAP) is a secure version of the IMAP4 protocol used over SSL or TLS connections to provide for client e-mail security.SMTP is a server-side e-mail protocol and is not used over SSL or TLS. SMTP uses TCP port 25. POP3 is a non-secure client-side e-mail protocol that uses TCP port 110. IMAP4 is a non-secure client-side e-mail protocol that uses TCP port 143.

Which of the following are true statements regarding the relationships of functionality, security, and available resources? (Choose two.)

Options are :

  • As functionality increases, security increases.
  • As security increases, functionality decreases. (Correct)
  • As resources increase, security decreases but functionality decreases.
  • As resources decrease, both functionality and security decrease. (Correct)

Answer : As security increases, functionality decreases. As resources decrease, both functionality and security decrease.

Explanation The relationship between security and functionality is inversely proportional. As one increases, the other decreases. The relationship between resources and both security and functionality is directly proportional. As resources increase, so do both functionality and security. If resources decrease, so do functionality and security.If functionality increases, security generally decreases. If resources increase, both security and functionality increase as well.

During which stage of a secure development model would you normally find steps such as requirements gathering, analysis, and diagram development?

Options are :

  • Security testing
  • Secure design
  • Security requirements (Correct)
  • Secure implementation

Answer : Security requirements

Explanation In the security requirements stage, requirements for different security functions are determined. Iterations of interviews and surveys might be developed and gathered and diagrams developed to show project milestones.During the secure testing phase of the secure software development model, software is measured or tested against security, functional, and performance requirements. This may include secure code review, application fuzzing, and vulnerability assessments, as well as penetration testing. In the secure design stage, different security functionality is designed into the application. During the secure implementation of software, security requirements are validated as implemented in the application.

Risk assessment means evaluating which of the following elements? (Choose two.)

Options are :

  • Probability (Correct)
  • Threat
  • Vulnerability
  • Impact (Correct)

Answer : Probability Impact

Explanation Probability and impact values are evaluated and assessed during a risk assessment.Threats and vulnerabilities do not have defined values.

Which of the following is a protocol used to obtain the status of digital certificates in public keys?

Options are :

  • DHE
  • RSA
  • OCSP (Correct)
  • ECC

Answer : OCSP

Explanation The Online Certificate Status Protocol (OCSP) is used to obtain the revocation status of digital certificates. It is used as an alternative to certificate revocation lists and enables clients to request and receive the electronic status of digital certificates automatically and in real-time.Diffie-Hellman Exchange (DHE) is a key negotiation and agreement protocol used in public key cryptography. RSA is the de facto standard used to generate public and private key pairs in a PKI. Elliptic curve cryptography (ECC) is a public key cryptography protocol used on small mobile devices, due to its low power and computing requirements.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions