CISSP · Question #21
CISSP Question #21: Real Exam Question with Answer & Explanation
The correct answer is B: WebSockets. WebSockets is an HTML5 option that presents a security challenge for network data leakage prevention and/or monitoring, as it enables a bidirectional, full-duplex communication channel between a web browser and a server. WebSockets can bypass the traditional HTTP request- respons
Question
Which Hyper Text Markup Language 5 (HTML5) option presents a security challenge for network data leakage prevention and/or monitoring?
Options
- ACross Origin Resource Sharing (CORS)
- BWebSockets
- CDocument Object Model (DOM) trees
- DWeb Interface Definition Language (IDL)
Explanation
WebSockets is an HTML5 option that presents a security challenge for network data leakage prevention and/or monitoring, as it enables a bidirectional, full-duplex communication channel between a web browser and a server. WebSockets can bypass the traditional HTTP request- response model and establish a persistent connection that can exchange data in real time. This can pose a risk of data leakage, as the data transmitted over WebSockets may not be inspected or filtered by the network security devices, such as firewalls, proxies, or data loss prevention systems. Cross Origin Resource Sharing (CORS), Document Object Model (DOM) trees, and Web Interface Definition Language (IDL) are not HTML5 options that present a security challenge for network data leakage prevention and/or monitoring, as they are not related to the communication channel between the web browser and the server.
Topics
Community Discussion
No community discussion yet for this question.