CompTIA Security+ (SY0-501) — Question 434

A security administrator is investigating many recent incidents of credential theft for users accessing the company's website, despite the hosting web server requiring HTTPS for access. The server's logs show the website leverages the HTTP POST method for carrying user authentication details.
Which of the following is the MOST likely reason for compromise?

Answer options

• A. The HTTP POST method is not protected by HTTPS.
• B. The web server is running a vulnerable SSL configuration.
• C. The HTTP response is susceptible to sniffing.
• D. The company doesn't support DNSSEC.

Correct answer: A

Explanation

The correct answer is A because the HTTP POST method is indeed protected by HTTPS; however, if there are any misconfigurations or vulnerabilities in the SSL setup, the data could still be compromised. Option B is incorrect because the question states that HTTPS is required, implying that the SSL configuration is likely not vulnerable. Option C is wrong as HTTPS protects against sniffing of HTTP responses. Option D is irrelevant to the issue at hand, as DNSSEC does not directly impact the security of HTTP POST authentication details.