nerdexam
GIAC

GSLC · Question #444

GSLC Question #444: Real Exam Question with Answer & Explanation

The correct answer is A. Strong data encryption during travel. Strong encryption of data in transit is the primary defense against man-in-the-middle attacks because it renders intercepted data unreadable and detects tampering through integrity verification.

Question

Which of the following can provide security against man-in-the-middle attack?

Options

  • AStrong data encryption during travel
  • BFirewall
  • CAnti-virus programs
  • DStrong authentication method

Explanation

Strong encryption of data in transit is the primary defense against man-in-the-middle attacks because it renders intercepted data unreadable and detects tampering through integrity verification.

Common mistakes.

  • B. A firewall filters traffic at network boundaries based on rules but cannot decrypt or inspect encrypted sessions to detect an attacker who has already positioned themselves between two communicating parties.
  • C. Anti-virus programs detect and remove malware on endpoints but provide no mechanism to detect or prevent interception of network communications occurring between systems.
  • D. Strong authentication verifies identity at the time of login but does not protect the confidentiality or integrity of data transmitted after authentication, leaving sessions vulnerable to interception if traffic is not also encrypted.

Concept tested. Encryption as defense against man-in-the-middle attacks

Reference. https://owasp.org/www-community/attacks/Manipulator-in-the-middle_attack

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSLC Practice