Systems Security Certified Practitioner (SSCP) — Question 130

In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

Answer options

• A. Both client and server
• B. The client's browser
• C. The web server
• D. The merchant's Certificate Server

Correct answer: B

Explanation

The correct answer is B, as the client's browser generates the master secret during the SSL handshake. The server and other entities do not independently create this secret; rather, they rely on the client to initiate the process and establish the keys for secure communication.