30 Dec Practice Test Question-HTTPS Eavesdropping
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Helen is concerned about eavesdropping on a network that she manages. If a user on the network accesses only HTTPS sites, what information would an eavesdropper be able to determine about the sites that the user visits?
A. IP addresses, site domains, and site content
B. IP addresses and site domains
C. IP addresses only
D. An eavesdropper would not be able to gather any of this information
Correct Answer: C
HTTPS traffic is protected by Transport Layer Security (TLS).
An eavesdropper would not be able to see any information from inside the connection, such as the site domain or content. So these are not the correct answers.
However, an eavesdropper would be able to determine the IP addresses of sites visited by the user. Making IP addresses the correct answer.
Interested in more practice test questions?
Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
No Comments