Explain what is SSL and why is it not enough when it comes to encryption?
Submitted by: Muhammad
SSL is identity verification, not hard data encryption. It is designed to be able to prove that the person you are talking to on the other end is who they say they are. SSL and its big brother TLS are both used almost everyone online, but the problem is because of this it is a huge target and is mainly attacked via its implementation (The Heartbleed bug for example) and its known methodology. As a result, SSL can be stripped in certain circumstances, so additional protections for data-in-transit and data-at-rest are very good ideas.
Submitted by: Muhammad
Read Online Information Security Officer Job Interview Questions And Answers
