Certified Information Security Manager (CISM) — Question 538
Organization A offers e-commerce services and uses secure transport protocol to protect Internet communication. To confirm communication with Organization A, which of the following would be the BEST for a client to verify?
Answer options
- A. The URL of the e-commerce server
- B. The certificate of the e-commerce server
- C. The IP address of the e-commerce server
- D. The browser's indication of SSL use
Correct answer: B
Explanation
The best way for a client to confirm secure communication with Organization A is by checking the certificate of the e-commerce server, as it authenticates the server's identity and ensures that the connection is secure. While the URL and SSL indication in the browser are helpful, they do not provide the same level of verification as the server certificate. The IP address alone does not confirm the legitimacy of the server.