Mitigating MITM Attacks: Best Practices for Company.com

Revoked Certificate Mitigation Measures


Question

Attackers have been using revoked certificates for MITM attacks to steal credentials from employees of Company.com.

Which of the following options should Company.com implement to mitigate these attacks?

Answers

Explanations


A. Captive portal
B. OCSP stapling
C. Object identifiers
D. Key escrow
E. Extended validation certificate

B.

To mitigate the risk of attackers using revoked certificates for MITM attacks to steal credentials from employees, Company.com should implement the following:

B. OCSP stapling:

Online Certificate Status Protocol (OCSP) is a protocol used to check the revocation status of digital certificates. OCSP stapling is a technique that improves the security and performance of SSL/TLS connections. It allows the server to provide a signed and time-stamped response from the CA (Certificate Authority) about the certificate's revocation status. This response is then sent to the client during the SSL/TLS handshake, eliminating the need for the client to query the CA separately.

By implementing OCSP stapling, Company.com can verify the revocation status of certificates in real time, reducing the risk of attackers using revoked certificates for MITM attacks.

A. Captive portal:

A captive portal is a webpage that is presented to users accessing a network. The users are required to authenticate or agree to terms and conditions before they can access the network's resources. While captive portals can be used to control network access, they do not provide any protection against revoked certificates or MITM attacks.

C. Object identifiers:

Object Identifiers (OIDs) are a type of unique identifier used in computer networks and systems. They are commonly used in digital certificates to identify the certificate issuer, certificate types, and policies. However, OIDs do not provide any protection against revoked certificates or MITM attacks.

D. Key escrow:

Key escrow is a method of storing encryption keys in a secure location. It is commonly used by organizations to comply with data retention and recovery regulations. However, key escrow does not provide any protection against revoked certificates or MITM attacks.

E. Extended validation certificate:

An extended validation certificate (EV certificate) is a type of digital certificate that provides the highest level of assurance to website visitors. EV certificates are issued only after the certificate authority has completed a rigorous verification process, including verifying the organization's identity and domain ownership. While EV certificates can help establish trust with website visitors, they do not provide any protection against revoked certificates or MITM attacks.

In summary, the best option for Company.com to mitigate the risk of attackers using revoked certificates for MITM attacks is to implement OCSP stapling. This will allow it to verify the revocation status of certificates in real time and reduce the risk of MITM attacks.
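One way to check that a server actually staples a usable response, as an added example that is not part of the original page: the function below evaluates the text printed by `openssl s_client -status` and fails closed unless the staple reports a good certificate inside its time-stamped validity window. The sample outputs are constructed, the function names are hypothetical, and requiring both `This Update` and `Next Update` is an assumed policy.

```python
import re
from datetime import datetime, timezone

def _ts(text, label):
    """Parse an openssl timestamp such as 'May  1 10:00:00 2024 GMT'."""
    m = re.search(rf"{label}:\s*(.+?)\s+GMT", text)
    if not m:
        return None
    clean = " ".join(m.group(1).split())  # collapse openssl's day padding
    return datetime.strptime(clean, "%b %d %H:%M:%S %Y").replace(tzinfo=timezone.utc)

def evaluate_staple(output, now):
    """Fail closed: anything but a good, in-window staple is rejected.
    Text parsing only; it does not verify the responder's signature."""
    if "OCSP response: no response sent" in output:
        return ("FAIL", "no staple sent")
    if "OCSP Response Status: successful" not in output:
        return ("FAIL", "responder error or unparsable output")
    m = re.search(r"Cert Status:\s*(\w+)", output)
    status = m.group(1) if m else "missing"
    if status != "good":
        return ("FAIL", f"cert status {status}")
    start, end = _ts(output, "This Update"), _ts(output, "Next Update")
    if start is None or end is None:  # assumption: policy requires both fields
        return ("FAIL", "missing validity window")
    if not start <= now <= end:
        return ("FAIL", "staple outside validity window")
    return ("OK", "good and fresh")

# Constructed samples shaped like `openssl s_client -status` output.
HEADER = ("OCSP response:\n======\nOCSP Response Data:\n"
          "    OCSP Response Status: successful (0x0)\n")
GOOD = HEADER + ("    Cert Status: good\n"
                 "    This Update: May  1 10:00:00 2024 GMT\n"
                 "    Next Update: May  8 09:59:59 2024 GMT\n")
REVOKED = HEADER + ("    Cert Status: revoked\n"
                    "    Revocation Time: Apr 20 08:00:00 2024 GMT\n"
                    "    This Update: May  1 10:00:00 2024 GMT\n"
                    "    Next Update: May  8 09:59:59 2024 GMT\n")
NO_STAPLE = "OCSP response: no response sent\n"

if __name__ == "__main__":
    now = datetime(2024, 5, 3, tzinfo=timezone.utc)
    for name, sample in (("good", GOOD), ("revoked", REVOKED), ("none", NO_STAPLE)):
        print(name, evaluate_staple(sample, now))
```

A missing staple is treated as a failure here because a client that silently accepts "no response" gains nothing from stapling when an attacker simply omits it.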