Which web security policy protects HTTPS websites against MITM attacks by enforcing secure connections?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which web security policy protects HTTPS websites against MITM attacks by enforcing secure connections?

Explanation:
HTTP Strict Transport Security (HSTS) enforces secure connections by telling the browser to always use HTTPS for a domain for a set period. Once a site publishes the HSTS header (or is preloaded in the browser), the browser upgrades any future HTTP requests to HTTPS and rejects attempts to fall back to HTTP. This prevents man-in-the-middle attackers from downgrading a connection or intercepting traffic on the way to the site, which is a common MITM tactic. DNSSEC, TLS rollback prevention, and certificate pinning each play different roles: DNSSEC protects DNS responses, TLS rollback prevention blocks negotiated downgrades at the TLS level (not the blanket enforcement of HTTPS), and certificate pinning validates the server certificate against a known pin but isn't a universal policy for all connections. HSTS provides the broad, automatic enforcement that directly blocks MITM attempts that rely on non-HTTPS connections.