CompTIA Cloud+ Practice Test

What is a recommended standard-based solution for encrypting transactions on e-commerce applications?

• A. AH/ESP
• B. AES 256
• C. TLS
• D. IPsec

The correct answer is: TLS

The recommended standard-based solution for encrypting transactions on e-commerce applications is Transport Layer Security (TLS). This protocol is specifically designed to provide secure communication over a computer network, ensuring that data transferred between clients and servers remains private and integral. TLS encrypts data in transit, which protects sensitive information such as credit card details and personal information from interception by attackers during online transactions. In contrast, while the other options involve encryption or security features, they serve different roles or contexts. AH (Authentication Header) and ESP (Encapsulating Security Payload) are protocols that can be part of the IPsec suite, primarily used for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a communication session. However, they aren't specifically tailored for e-commerce transactions. AES 256 refers to the Advanced Encryption Standard with a 256-bit key length. It is indeed a strong encryption algorithm but does not specify how or where it is implemented. It can be utilized within various protocols, including TLS, but by itself, AES 256 does not provide the encapsulated security features necessary for secure public transactions. IPsec is a suite of protocols used to secure IP communications through encryption and authentication; while it can be effective, it is more commonly used