GIAC Foundational Cybersecurity Technologies Practice Test

What feature of HTTPS encryption solves the trust problem in the asymmetric key exchange?

• A. The Website's SSL certificate
• B. Each visitor providing the same public key
• C. Each visitor providing the same private key
• D. Unique session IDs

The correct answer is: The Website's SSL certificate

The feature of HTTPS encryption that addresses the trust problem in asymmetric key exchange is the website's SSL certificate. An SSL (Secure Sockets Layer) certificate serves as a digital certificate that authenticates a website's identity and enables an encrypted connection. When a user connects to a website using HTTPS, the web server sends its SSL certificate to the user's browser. This certificate contains the website's public key and is signed by a trusted Certificate Authority (CA). The role of the CA is to verify the identity of the website owner before issuing the certificate. By using a CA, users are able to trust that the public key they are using to establish a secure connection truly belongs to the legitimate website, thereby solving the trust problem associated with the asymmetric key exchange. As for the other options, they do not provide a mechanism for verifying the identity of the website or ensuring that the public key is correct. If each visitor were to provide the same public or private key, it would not resolve the issue of establishing trust, as it would not guarantee that the key belongs to the intended website. Unique session IDs are used to manage sessions after authentication has occurred but do not help in the initial trust establishment during the asymmetric key exchange.