CISSP – Information Systems Security Management Professional (ISSMP) — Question 4
You work as a Web Administrator for Perfect World Inc. The company is planning to host an E-commerce Web site. You are required to design a security plan for it. Client computers with different operating systems will access the Web server. How will you configure the Web server so that it is secure and only authenticated users are able to access it? Each correct answer represents a part of the solution. Choose two.
Answer options
- A. Use encrypted authentication.
- B. Use the SSL protocol.
- C. Use the EAP protocol.
- D. Use Basic authentication.
Correct answer: A, B
Explanation
Using encrypted authentication (A) ensures that user credentials are transmitted securely, and the SSL protocol (B) provides a secure channel for data transmission; both are crucial for protecting sensitive information in an E-commerce setting. Options C and D are less secure and unsuitable for secure web access: the EAP protocol is typically used in wireless networks, and Basic authentication transmits credentials in an easily decodable format.