Which vulnerability involves weak transport-layer protection, such as weak ciphers or expired certificates, exposing user data to third parties?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which vulnerability involves weak transport-layer protection, such as weak ciphers or expired certificates, exposing user data to third parties?

Explanation:
The idea being tested is the protection of data in transit at the transport layer. When protections at this layer are insufficient, data moving between a user and a server can be read by eavesdroppers or tampered with, or one of the endpoints can be impersonated. Weak transport-layer protection means things like using outdated or weak cipher suites, not enforcing TLS across the site, or using expired certificates. These misconfigurations allow an attacker to decrypt or alter sensitive information such as login credentials, tokens, or personal data, or to perform a man-in-the-middle attack because the client cannot establish trust in the connection.

That is why the best fit is a flaw describing insufficient transport-layer protection: the vulnerability arises from crypto and certificate issues in TLS/SSL, not from how data is stored, serialized, or handled in cookies or application logic. The other options involve different weaknesses, such as how data is processed (deserialization) or how cookies are exposed, rather than the cryptographic protection of data in transit.
