Exam N10-006 topic 5 question 21 discussion

Actual exam question from CompTIA's N10-006
Question #: 21
Topic #: 5

Which of the following is true about the main difference between a web session that uses port 80 and one that uses port 443?

  • A. Port 80 web sessions often use application-level encryption, while port 443 sessions often use transport-level encryption.
  • B. Port 80 web sessions cannot use encryption, while port 443 sessions are encrypted using web certificates.
  • C. Port 80 web sessions can use web application proxies, while port 443 sessions cannot traverse web application proxies.
  • D. Port 80 web sessions are prone to man-in-the-middle attacks, while port 443 sessions are immune from man-in-the-middle attacks.
Suggested Answer: D
HTTPS stands for HTTP over SSL or HTTP Secure. It is used for secure access to websites. Port 80 web sessions are HTTP (HyperText Transfer Protocol) sessions, which offer no security. Port 443 web sessions use HTTPS, which uses SSL or TLS to encrypt the HTTP traffic.
HTTPS provides authentication of the website and associated web server that you are communicating with, which protects against man-in-the-middle attacks.
Additionally, it provides bidirectional encryption of communications between a client and server, which protects against eavesdropping and tampering with and/or forging the contents of the communication.

Comments

mad
5 years, 10 months ago
Even though answer D is technically correct, it is nevertheless a rather specific answer to a question that leans toward more of a generalist inquiry (hint: the use of 'main difference between' - as there are, no doubt, other examples (other than MITM) of potential security threats when scouring the WWW unprotected). Anyhow, like indicated, Answer D would be fine were it not for the existence of answer B, which in my opinion reflects (answers | explains) the 'generalist' question type more adequately. Case in point: If some random person asked about the main differences between port 80 and port 443, the most succinct (and natural) answer would be encryption (or lack thereof), not (even though technically correct) a more specific potential threat example as with MITM... Rule of thumb when working in IT networking and dealing with its security subset: don't necessarily complicate matters, even (or more so) when answering simple questions. Nutshell: Answer B would be better suited rather than D even if both are correct. Side note (not to complicate matters) > there are means to encrypt traffic on port 80, but that is beyond the scope of this cert and specifically Question # 22...if interested though: https://letsencrypt.org/docs/allow-port-80/
upvoted 3 times