CS0-003 · Question #375
CS0-003 Question #375: Real Exam Question with Answer & Explanation
Sign in or unlock CS0-003 to reveal the answer and full explanation for question #375. The question stem and answer options stay visible for context.
Question
While a security analyst for an organization was reviewing logs from web servers. the analyst found several successful attempts to downgrade HTTPS sessions to use cipher modes of operation susceptible to padding oracle attacks. Which of the following combinations of configuration changes should the organization make to remediate this issue? (Choose two.)
Options
- AConfigure the server to prefer TLS 1.3.
- BRemove cipher suites that use CBC.
- CConfigure the server to prefer ephemeral modes for key exchange.
- DRequire client browsers to present a user certificate for mutual authentication.
- EConfigure the server to require HSTS.
- FRemove cipher suites that use GCM.
Unlock CS0-003 to see the answer
You've previewed enough free CS0-003 questions. Unlock CS0-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.