Questions: HTTPS and TLS (Transport Layer Security)
5 questions to test your understanding
Score: 0 / 5
Question 1 Multiple Choice
A browser successfully connects to a site via HTTPS. What specific security problem does the X.509 certificate solve that encryption alone does not?
AIt compresses HTTP headers to speed up the encrypted connection
BIt proves the server is who it claims to be, preventing an attacker from substituting their own key
CIt generates the symmetric session key used for encrypting data
DIt replaces public-key cryptography to make the handshake more efficient
Encryption alone does not tell you *who* you are encrypting data for. Without certificate authentication, an attacker could intercept your connection, present their own public key, and read your 'encrypted' traffic — a man-in-the-middle attack. The X.509 certificate, signed by a trusted Certificate Authority, proves the public key actually belongs to the claimed domain. Option C is a common confusion: the certificate contains the server's public key but does not generate the session key — that comes from the Diffie-Hellman exchange.
Question 2 Multiple Choice
Why does TLS use public-key cryptography during the handshake but switch to symmetric encryption (like AES) for the actual data transfer?
ASymmetric encryption is more secure than public-key encryption for bulk data
BPublic-key cryptography cannot encrypt data, only establish shared secrets
CPublic-key operations are hundreds of times slower than symmetric encryption, making them too costly for bulk data transfer
DRegulatory standards require symmetric encryption for web traffic
The two-phase design is purely about performance. Public-key operations (RSA, Diffie-Hellman) are computationally expensive — viable for a one-time handshake but far too slow for encrypting megabytes of streaming data. Symmetric encryption (AES) is orders of magnitude faster. Option A is wrong: public-key cryptography is not less secure, just slower. Option B is wrong: public-key encryption can encrypt data, but the performance cost makes it impractical for bulk transfer.
Question 3 True / False
TLS provides integrity protection through message authentication codes, meaning that if any bit of an encrypted message is altered in transit, the receiver will detect the tampering.
TTrue
FFalse
Answer: True
TLS includes a MAC with each encrypted message — a cryptographic checksum computed over the message content. The receiver recomputes the MAC and compares. Even a single altered bit produces a completely different MAC, causing the check to fail and the message to be rejected. This integrity guarantee means that even if an attacker cannot decrypt traffic, they also cannot silently modify it.
Question 4 True / False
HTTPS guarantees that a website is trustworthy and that its operator will not misuse your data.
TTrue
FFalse
Answer: False
HTTPS provides three guarantees: confidentiality (no eavesdropping), authentication (the server is who the certificate claims), and integrity (data has not been modified). It says nothing about the intentions or trustworthiness of the server operator. A malicious website can — and often does — use a valid HTTPS certificate. The padlock means 'your connection to this server is secure,' not 'this server is safe to trust.'
Question 5 Short Answer
Explain why the combination of certificate authorities and TLS prevents man-in-the-middle attacks, and what would happen if browsers trusted all certificates equally without a CA hierarchy.
Think about your answer, then reveal below.
Model answer: TLS prevents MITM attacks by requiring the server to present a certificate signed by a CA that the browser already trusts. An attacker cannot forge a valid certificate for a domain they don't control because they cannot obtain a CA's signature. Without a CA hierarchy, any entity could generate a self-signed certificate for any domain — an attacker could intercept a connection to bank.com, present their own certificate claiming to be bank.com, and the browser would accept it, allowing the attacker to decrypt all traffic.
The security of HTTPS is only as strong as the trust placed in CAs. This is why a compromised CA is a catastrophic security incident — it can issue fraudulent certificates for any domain, enabling MITM attacks against that site's users globally. The browser's trust store (the list of trusted root CAs) is the anchor of the entire system.