ISC2 CSSLP Exam - Topic 2 Question 35 Discussion

The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has

recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's

Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is included as part of both the Microsoft and Netscape

browsers and most Web server products. URLs that require an SSL connection start with https: instead of http:.

Answer C is incorrect. S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of e-

mail encapsulated in MIME. S/MIME provides the following cryptographic security services for electronic messaging applications: authentication,

message integrity, non-repudiation of origin (using digital signatures), privacy, and data security (using encryption).

Answer D is incorrect. Hypertext Transfer Protocol (HTTP) is a client/server TCP/IP protocol used on the World Wide Web (WWW) to

display Hypertext Markup Language (HTML) pages. HTTP defines how messages are formatted and transmitted, and what actions Web

servers and browsers should take in response to various commands. For example, when a client application or browser sends a request to

the server using HTTP commands, the server responds with a message containing the protocol version, success or failure code, server

information, and body content, depending on the request. HTTP uses TCP port 80 as the default port.

Answer B is incorrect. A Virtual Private Network (VPN) is a computer network that is implemented in an additional software layer

(overlay) on top of an existing larger network for the purpose of creating a private scope of computer communications or providing a secure

extension of a private network into an insecure network such as the Internet.

The links between nodes of a Virtual Private Network are formed over logical connections or virtual circuits between hosts of the larger

network. The Link Layer protocols of the virtual network are said to be tunneled through the underlying transport network.