Which web security policy protects HTTPS websites against MITM attacks by enforcing secure connections?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which web security policy protects HTTPS websites against MITM attacks by enforcing secure connections?

Explanation:
HTTP Strict Transport Security enforces secure connections by telling the browser to always use HTTPS for a domain for a set period. Once a site publishes the HSTS header (or is preloaded in the browser), the browser upgrades any future HTTP requests to HTTPS and rejects attempts to fall back to HTTP. This prevents man-in-the-middle attackers from downgrading a connection or intercepting traffic on the way to the site, which is a common MITM tactic. DNSSEC, TLS rollback prevention, and certificate pinning each play different roles: DNSSEC protects DNS responses, TLS rollback prevents negotiated downgrades at the TLS level (not the blanket enforcement of HTTPS), and certificate pinning validates the server certificate against a known pin but isn’t a universal policy for all connections. HSTS provides the broad, automatic enforcement that directly blocks MITM attempts that rely on non-HTTPS connections.
