This statement is TRUE . HTTPS is essentially HTTP running over TLS . While HTTP by itself transmits data in plaintext, HTTPS adds the TLS security layer to protect communication between the client and the server. By introducing TLS, HTTPS provides three important security functions during transmission.
First, it provides identity authentication . The server proves its identity to the client through a digital certificate , helping the client confirm that it is communicating with the legitimate server rather than an attacker. Second, HTTPS provides encryption . After the TLS negotiation process is completed, the transmitted HTTP data is encrypted, preventing attackers from easily reading sensitive information such as usernames, passwords, and session data. Third, HTTPS ensures data integrity . TLS includes mechanisms to detect whether transmitted data has been modified during communication.
Because of these features, HTTPS is widely used for secure web access, online transactions, authentication pages, and confidential information exchange. Therefore, the statement that HTTPS introduces the TLS layer based on HTTP to provide authentication, encryption, and integrity protection is correct.
