139k views
1 vote
A company's chief cybersecurity architect wants to configure mutual authentication to access an internal payroll website. The architect has asked the administration team to determine the configuration that would provide the best defense against MITM attacks.

Which of the following implementation approaches would BEST support the architect's goals?

A. Utilize a challenge-response prompt as required input at username/password entry.
B. Implement TLS and require the client to use its own certificate during handshake.
C. Configure a web application proxy and institute monitoring of HTTPS transactions.
D. Install a reverse proxy in the corporate DMZ configured to decrypt TLS sessions.

by User KingNestor, 7.0k points

1 Answer

2 votes

Final answer:

The best defense against MITM attacks for an internal payroll website using mutual authentication is to implement TLS and require the client to use its own certificate during the handshake. Option B is the correct answer.

Step-by-step explanation:

The company's chief cybersecurity architect is interested in preventing MITM (Man-in-the-Middle) attacks on an internal payroll website through the use of mutual authentication. To achieve this, the best approach would be Option B: Implement TLS and require the client to use its own certificate during handshake.

This method involves the use of Transport Layer Security (TLS) protocol, which provides a secure communication channel between the client and the server. During the TLS handshake, both the server and the client authenticate each other by presenting their respective certificates, which are verified by both parties. This process ensures that both entities are indeed who they claim to be, hence mitigating the risk of MITM attacks as a third party would not possess the necessary client certificate to authenticate successfully.

Implementing mutual authentication through TLS is a robust strategy to thwart MITM attacks on the internal payroll website. This approach enhances security by requiring both the server and client to present and validate certificates during the TLS handshake.

by User Patrickmdnet, 7.0k points
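As an added example (not part of the answer above), the following Go sketch builds a constructed, in-memory test PKI with the standard crypto/tls and crypto/x509 packages, shows the option-B server setting (TLS with a mandatory client certificate), and applies the check the server performs on a presented client certificate. The names (payroll.internal, newCert, PayrollServerConfig, AcceptClient) are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// newCert issues an in-memory certificate for a constructed test PKI (self-signed when issuer is nil).
func newCert(cn string, issuer *tls.Certificate, isCA bool) tls.Certificate {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, DNSNames: []string{cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour), IsCA: isCA, BasicConstraintsValid: true,
		KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
	}
	parent, signer := tmpl, any(key) // self-signed unless an issuing CA was given
	if issuer != nil {
		parent, signer = issuer.Leaf, issuer.PrivateKey
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// PayrollServerConfig is the option-B server setting: TLS with a mandatory, CA-verified client certificate.
func PayrollServerConfig(srv tls.Certificate, internalCA *x509.Certificate) *tls.Config {
	pool := x509.NewCertPool()
	pool.AddCert(internalCA)
	return &tls.Config{
		Certificates: []tls.Certificate{srv},
		ClientAuth:   tls.RequireAndVerifyClientCert, // handshake aborts unless a valid client cert is presented
		ClientCAs:    pool,                          // "valid" means chaining to the internal CA, nothing else
	}
}

// AcceptClient applies the server's check to a presented client certificate: it must chain to a ClientCAs root and permit client authentication.
func AcceptClient(cfg *tls.Config, presented *x509.Certificate) error {
	_, err := presented.Verify(x509.VerifyOptions{
		Roots:     cfg.ClientCAs,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err
}
```

A self-signed certificate carrying the same user name, or one issued by any other CA, fails this check, which is why an interposed third party cannot complete the handshake.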