What are two secure implementation methods in this scenario?

You are deploying TLS support for real-time Web and SaaS transactions.

What are two secure implementation methods in this scenario? (Choose two.)
A . Bypass TLS 1.3 because it is not widely adopted.
B . Downgrade to TLS 1.2 whenever possible.
C . Support TLS 1.2 only when 1.3 is not supported by the server.
D . Require TLS 1.3 for every server that accepts it.

View Answer

Answer: C, D

Explanation:

If you are deploying TLS support for real-time Web and SaaS transactions, then you need to use secure implementation methods that ensure the highest level of encryption and security for your traffic. Two secure implementation methods in this scenario are: support TLS 1.2 only when 1.3 is not supported by the server and require TLS 1.3 for every server that accepts it. TLS stands for Transport Layer Security, which is a protocol that provides secure communication over the internet by encrypting and authenticating data exchanged between two parties. TLS 1.3 is the latest version of TLS, which offers several improvements over TLS 1.2, such as faster handshake, stronger encryption algorithms, better forward secrecy, and reduced attack surface. Therefore, it is recommended to use TLS 1.3 whenever possible for real-time Web and SaaS transactions, as it provides better security and performance than TLS 1.2. However, some servers may not support TLS 1.3 yet, so in those cases, it is acceptable to use TLS 1.2 as a fallback option, as it is still considered secure and widely adopted. Bypassing TLS 1.3 because it is not widely adopted or downgrading to TLS 1.2 whenever possible are not secure implementation methods in this scenario, as they would compromise the security and performance of your traffic by using an older or weaker version of TLS than necessary.

Reference: [TLS], [TLS 1.3].