EC-Council

112-52 Question #111: Real Exam Question with Answer & Explanation

The correct answer is A. Use of HTTPS instead of HTTP.

Attacks and Countermeasures

Question

Which of the following BEST helps prevent session hijacking?

Options

  • A. Use of HTTPS instead of HTTP
  • B. Changing network infrastructure frequently
  • C. Clearing browser cookies regularly
  • D. Disabling logging mechanisms

Explanation

HTTPS encrypts traffic between client and server, making it nearly impossible for an attacker to intercept and steal session tokens in transit - this is the primary defense against session hijacking. Changing network infrastructure (B) has no meaningful effect on session token security. Clearing cookies (C) removes sessions after the fact but does nothing to prevent theft while a session is active. Disabling logging (D) actually worsens security by eliminating your ability to detect attacks.

Memory tip: Think "HTTPS = Hidden Tokens, Protected Sessions." The S in HTTPS stands for Secure - and securing the channel is what keeps session tokens out of an attacker's hands.

Topics

#session-hijacking #https-encryption #transport-security #web-cookies
