CompTIA SecurityX (CAS-005) — Question 164

Which of the following best describes the reason a network architect would enable forward secrecy on all VPN tunnels?

Answer options

• A. This process is a requirement to enable hardware-accelerated cryptography.
• B. This process reduces the success of attackers performing cryptanalysis.
• C. The business requirements state that confidentiality is a critical success factor.
• D. Modern cryptographic protocols list this process as a prerequisite for use.

Correct answer: B

Explanation

The correct answer, B, is accurate because forward secrecy enhances security by ensuring that even if a long-term key is compromised, past session keys remain secure from attackers. Options A, C, and D, while they may relate to cryptography, do not specifically address the unique security benefits that forward secrecy provides against cryptanalysis.