CompTIA PenTest+ (PT0-001) — Question 18

A penetration tester reports an application is only utilizing basic authentication on an Internet-facing application. Which of the following would be the BEST remediation strategy?

Answer options

• A. Enable HTTP Strict Transport Security.
• B. Enable a secure cookie flag.
• C. Encrypt the communication channel.
• D. Sanitize invalid user input.

Correct answer: A

Explanation

Enabling HTTP Strict Transport Security (HSTS) ensures that the application only communicates over HTTPS, thereby protecting the data from being intercepted during transmission. While encrypting the communication channel also enhances security, HSTS specifically prevents the use of unencrypted HTTP connections altogether. The other options, such as enabling a secure cookie flag and sanitizing user input, do not directly address the vulnerabilities associated with basic authentication in an Internet-facing context.