ISC2 Systems Security Certified Practitioner (SSCP) Practice Question

A tax-filing company discovers that some customers still access its public web portal with old http:// bookmarks, exposing personally identifiable information during the initial connection and making the site vulnerable to SSL-stripping attacks. As the newly hired security administrator, you must ensure that every future browser request, including the very first one, is automatically upgraded to HTTPS without requiring users to change their behavior. Which action best satisfies this requirement?

  • Replace the existing certificate with an Extended Validation (EV) certificate from a trusted public certificate authority.

  • Implement HTTP Strict Transport Security (HSTS) with a one-year max-age and add the domain to the HSTS preload lists so browsers always initiate HTTPS connections.

  • Configure the web server to issue permanent (301) redirects from http:// to https:// for all incoming requests.

  • Disable TLS 1.0 and 1.1 on the server, allowing only TLS 1.2 and TLS 1.3 with modern cipher suites.

Cryptography