Member-only story
TryHackMe — Networking Secure Protocols | Cyber Security 101 (THM)
TLS
Previously, capturing cleartext login credentials was common since data was sent without encryption, allowing attackers to read sensitive information. To address this, Netscape developed SSL (Secure Sockets Layer), with the first public version released in 1995. Later, TLS (Transport Layer Security) was introduced in 1999, offering improved security and encryption. The latest version, TLS 1.3, was released in 2018 after extensive enhancements.
TLS operates at the transport layer, providing confidentiality and integrity between a client and a server over insecure networks. It is essential for secure online activities like banking, shopping, and messaging. Various protocols, such as HTTP and DNS, have added TLS to enhance security (e.g., HTTPS and DoT). Servers need signed TLS certificates, typically obtained from a Certificate Authority (CA), to confirm their authenticity. Let’s Encrypt offers free signed certificates, while self-signed certificates do not verify a server’s authenticity since no third-party verification is involved.
Answer the questions below
- What is the protocol name that TLS upgraded and built upon?
- SSL
- Which type of certificates should not be used to confirm the authenticity of a server?
- Self-signed certificate
HTTPS
