🛡️ Free practice test question from: TLS (Security+)

When you connect to a website using TLS (which is the modern version of SSL), the server presents a digital certificate. This certificate contains information about the website's identity and is signed by a Certificate Authority (CA). Your browser has a list of trusted root CAs. It checks if the certificate was signed by one of these trusted CAs and verifies the chain of trust. This process confirms that the website is who it claims to be. (https://aws.amazon.com/what-is/ssl-certificate/)

A) MAC address matching: MAC addresses are used for local network communication, not for identifying websites over the internet.  

B) SSL encryption: While encryption is a crucial part of TLS/SSL, it doesn't directly verify the website's identity. Encryption protects the data in transit, but the certificate verification process confirms who you're communicating with before the encrypted communication begins.  

D) IP address matching: IP addresses can change and can be spoofed, so it is not reliable enough as an identifier on its own.