Pre-Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A penetration tester finds it is possible to downgrade a web application ' s HTTPS...

  1. Home
  2. CompTIA
  3. PenTest+
  4. PT0-003
  5. PT0-003 Questions
  6. CompTIA PenTest+ Exam Practice Questions

A penetration tester finds it is possible to downgrade a web application ' s HTTPS connections to HTTP while performing on-path attacks on the local network. The tester reviews the output of the server response to:

curl -s -i https://internalapp/

HTTP/2 302

date: Thu, 11 Jan 2024 15:56:24 GMT

content-type: text/html; charset=iso-8659-1

location: /login

x-content-type-options: nosniff

server: Prod

Which of the following recommendations should the penetration tester include in the report?

A.

Add the HSTS header to the server.

B.

Attach the httponly flag to cookies.

C.

Front the web application with a firewall rule to block access to port 80.

D.

Remove the x-content-type-options header.

CompTIA PT0-003 View All Questions

CompTIA PT0-003 Summary

  • Vendor: CompTIA
  • Product: PT0-003
  • Update on: Apr 29, 2026
  • Questions: 330
Price: $52.5  $149.99
Buy Now PT0-003 PDF + Testing Engine Pack
Next
A penetration tester is getting ready to conduct a vulnerability scan as part of the...
A penetration tester discovers a deprecated directory in which files are accessible to anyone.
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2026 examsvce.com. All Rights Reserved
mcafee secure

TESTED 29 Apr 2026