CISA Certified Information Systems Auditor – Question1542

The PRIMARY objective of Secure Sockets Layer (SSL) is to ensure:

A.
only the sender and receiver are able to encrypt/decrypt the data.
B. the sender and receiver can authenticate their respective identities.
C. the alteration of transmitted data can be detected.
D. the ability to identify the sender by generating a one-time session key.

Correct Answer: A

Explanation:

Explanation:
SSL generates a session key used to encrypt/decrypt the transmitted data, thus ensuring its confidentiality. Although SSL allows the exchange of X509 certificates to provide for identification and authentication, this feature along with choices C and D are not the primary objectives.