CISSP Question of the Day – 8-30-2016

Getting You Prepped for the CISSP Exam... One Question at a Time!

Today’s CISSP question topic: Web Security

You have deployed a web application that allows your customers to view their private account information. You want to minimize the chances that an attacker within radio range of the customer’s wireless LAN (WLAN) will be able to eavesdrop on their traffic and intercept their private data. Which of the following is the best approach you can take to do this?

  1. Require SSH for all connections to the web server
  2. Implement TLS on the web server
  3. Advise your customers to deploy WPA2 with AES on their wireless LANs
  4. Digitally sign all traffic using RSA Keys
  5. Require customers to connect via an IPSec VPN
  6. Implement 802.1x on your switches and provide steps for your customers to do the same
  7. Use an IDS (or IPS) to monitor for evidence of ARP flooding attacks

Check Your Answer

  1. Implement TLS on the web server

About the Author

Colin Weaver

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.