(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What technique tricks browsers into using unencrypted communications?

  1. Spoofing

  2. SSL Stripping

  3. HTTP Masquerade

  4. Detour Attack

The correct answer is: SSL Stripping

SSL Stripping is a technique specifically designed to downgrade a user's connection from a secure HTTPS connection to an unencrypted HTTP connection. It exploits the way web browsers behave when handling secure and non-secure connections. When a user attempts to connect to a website, SSL Stripping intercepts the request and instead serves the unencrypted version of the website, effectively removing any encryption that would typically protect the data transmitted between the user's browser and the website. This allows attackers to eavesdrop on the communication, steal sensitive information, or manipulate the data being sent. In contrast, the other techniques mentioned do not primarily focus on this type of communication downgrade. Spoofing primarily involves impersonating a legitimate entity to deceive users or systems, while HTTP Masquerade refers to hiding the true nature of an HTTP connection, and Detour Attack usually implies redirecting traffic rather than manipulating the security protocols in use. Thus, SSL Stripping is the most accurate answer when discussing how to trick browsers into using unencrypted communications.

More Questions Like This