Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 224

Which of the following statements is accurate regarding the use of Secure Sockets Layer (SSL) as a control?

Answer options

• A. It supports the authentication of information sent to a server.
• B. It prevents phishing attacks that redirect users to malicious sites.
• C. It prevents malware infections.
• D. It identifies each client-server session using temporary tokens.

Correct answer: A

Explanation

The correct answer, A, is accurate because SSL provides a mechanism for authenticating the data sent to a server, ensuring it comes from a legitimate source. Options B and C are incorrect as SSL does not specifically prevent phishing attacks or malware infections. Option D is also wrong because while SSL does establish secure sessions, it does not identify sessions through temporary tokens.