A company is executing a strategy to encrypt and sign all proprietary data in transit. The company recently deployed PKI service
1 answer:
Answer:
A. S/MIME
B. TLS
C. Kerberos
Explanation:
PKI : Public Key Infrastructure is a technique which will allow services or applications to communicate securely across the unsecured network or internet.
PKI mainly consist of CA or Certificate Authority who can issue digital certificates or they are also known as trusted CA. exmaples are godaddy, digicert, verizone, symmantec, etc.. and RA also known as Registration Authorities and they verify if the requested certificates can be stored at CA. Keys will be stored in the central directory.It will also consists of certificate management system and the policies governing PKI.
S/MIME : Secure/Multipurpose Internet Mail Extensions which use assymentric cryptography and sign the MIME data. S/MIME will provide services like Authentication, Encryption , Integrity, Privacy and Non repudiation for messaging applications
SMIME uses certificates which can be self signed or CA certified. It specifies MIME type as while transmitting the data.
TLS : Transport Layer Security. the earlier versions used to be known as SSL ( Secure Socket Layer) SSLv3 got depreciated and TLSv1.2/1.3 are popularly used to provide encryption, authentication, Integrity and Hashing for client to server side communication.
Most of the applications communicate securely using TLS. They will establish secure TCP connection using SSL Handshake. During the Handshake they will exchange supported versions, ciphersuites and certificates. Applications which uses TLS always uses CA certificates and Inhouse applications can communicate using self signed certificate or even with CA certificates.
HTTPS which is also known as HTTP over SSL is widely used for almost all the web services to communicate securely across the internet.
Kerberos : It is a protocol used to prove the identity for two nodes which are communicating with each other. Kerberos uses both symmetric key cryptography and assymetric key cryptography. However, symmetric key cryptography is used widely and public key cryptography is used optionally.
Authentication server which is also known as AS is used to authenticate the requesting client. It further forwards the user credentials to key distribution center. KDC further issues to TGT ( ticket granting ticket) and it uses TGS's secret key to encrypt. User will receive a encrypted output.
When a User Login then The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket-granting ticket (TGT), which is time stamped and encrypts it using the ticket-granting service's (TGS) secret key and returns the encrypted result to the user's workstation. Sessions will be renewed and managed by users session manager.
You might be interested in
Answer:
The command to create a compressed archive (archive1.tar.gz) is
Explanation:
The explanation for the above command is
The general command to create a compressed archive is
tar -czvf name-of-archive.tar.gz /path/to/directory-or-files
Here, the terms are as follows:
-c : Creates an archive
-z : Compress the archive with gzip.
-v : This is known as verbose. This is an optional command and it displays the progress on terminal command. Without this the progress is not displayed on terminal command.
-f : Allows to specify the file name of the archive.
Here, if we want to archive multiple files, we provide the command the names of multiple files or directories of the files also can be used.
So, the command
creates a compressed archive - archive1.tar.gz of files test1, test2 and test3.