Question 2
Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox. Which of the following is a primary risk factor when authenticating with a standard HTTP server?
HTTP uses cleartext transmission during authentication, which can lead to a man-in-the-middle attack.
Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in-the-middle attack.
A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.
Irina has accessed the Web server using a non-standard Web browser.
Correct answer: A