CompTIA CySA+ (CS0-003) — Question 391

The website of a large retail chain is falling to enforce encrypted HTTPS connections, leaving customer account credentials exposed. Which of the following is the best corrective action for resolving this issue?

Answer options

• A. Remove any redirect settings of HTTP connections to HTTPS.
• B. Implement HTTP Strict Transport Security Headers.
• C. Install a self-signed certificate on the web server.
• D. Reduce the default timeout period for all web-based sessions.

Correct answer: B

Explanation

Implementing HTTP Strict Transport Security (HSTS) headers is the correct action as it enforces secure connections by instructing browsers to only use HTTPS. Removing redirects (option A) would not solve the issue, installing a self-signed certificate (option C) does not provide the necessary trust, and reducing timeout periods (option D) does not address the encryption requirement.