Ids

In order for an IDS to examine inbound encrypted data, it must be configured with what?
Internal system’s private key
Internal system’s certificate
External system’s public key
Certificate Authority’s certificate

Find more posts tagged with

Comments

p@r0tuXus

I'll just leave this here:

https://youtu.be/bLzBRRVY_Vs

mcollins301

Thank you this link was very helpful.

gespenstern

That's an incomplete question CompTIA is full of. You have to assume that they are talking about TLS, as no answer would be correct for many other sorts of encrypted traffic.

Also, we need to assume that inbound means TLS traffic that is initiated from the outside and coming to our internal web-server/reverse-proxy/balancer etc.

In this case the correct answer is 1, because it is the only answer mentioning private key and you can't decrypt TLS with a public key which is only used for encrypting a session key and 4 is probably incorrect because of assumption 2 and because it's not necessarily true that the cert mentioned contains a private key.