Scenario
Three web servers were reviewed. One transmits credentials and session cookies without encryption, one sets its cookie security flags correctly, and one presents an expired SSL certificate, rated high risk.
Your task: Review the evidence and select the best analyst response for each field.
| Evidence | Details |
|---|---|
| Web Server 1 | Admin activity with visible usernames/passwords and unencrypted sessions |
| Web Server 2 | Cookies use Secure, HttpOnly, and SameSite=Strict |
| Web Server 3 | SSL certificate expired on 2025-01-14 |
Analyst Decisions
Instructor Answer
- Credentials and session cookies sent in the clear must be protected by TLS for the entire session, not only on the login page.
- Secure, HttpOnly, and SameSite=Strict together stop the cookie from being sent over plain HTTP, read by page scripts, or attached to cross-site requests; that finding can be submitted as a non-issue.
- An expired certificate makes browsers reject the connection as untrusted; renew it through the CA to restore trusted HTTPS.
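The three instructor decisions above can be turned into a repeatable triage check. The script below is an added example, not part of the original exercise: it parses raw Set-Cookie headers for the Secure, HttpOnly and SameSite flags, flags cleartext session transport, and compares a certificate's not-after date with the review date. The cookie names, the `http`/`https` scheme for each server and the review date of 2025-02-03 are constructed to mirror the evidence table (only the 2025-01-14 expiry comes from the table); the 30-day near-expiry warning goes slightly beyond the exercise and is an assumed threshold.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional


@dataclass
class CookieFlags:
    """Security-relevant attributes parsed from one Set-Cookie header."""
    name: str
    secure: bool
    httponly: bool
    samesite: Optional[str]

    def problems(self) -> List[str]:
        """Return the missing or weak flags; empty means the cookie is hardened."""
        issues = []
        if not self.secure:
            issues.append(f"cookie {self.name}: missing Secure, can be sent over plain HTTP")
        if not self.httponly:
            issues.append(f"cookie {self.name}: missing HttpOnly, readable by page scripts")
        if self.samesite is None or self.samesite.lower() not in ("strict", "lax"):
            issues.append(f"cookie {self.name}: SameSite not Strict or Lax, sent on cross-site requests")
        return issues


def parse_set_cookie(header: str) -> CookieFlags:
    """Parse a raw Set-Cookie value; attribute names are case-insensitive (RFC 6265)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0].strip()
    secure = httponly = False
    samesite = None
    for attr in parts[1:]:
        key, _, value = attr.partition("=")
        key = key.strip().lower()
        if key == "secure":
            secure = True
        elif key == "httponly":
            httponly = True
        elif key == "samesite":
            samesite = value.strip()
    return CookieFlags(name, secure, httponly, samesite)


def triage_server(scheme: str, set_cookie_headers: List[str],
                  cert_not_after: Optional[date], review_date: date) -> List[str]:
    """Apply the exercise's three checks; an empty list means 'submit as non-issue'."""
    findings = []
    if scheme.lower() != "https":
        findings.append("credentials and session cookies travel in cleartext; enforce TLS for the whole session")
    for header in set_cookie_headers:
        findings.extend(parse_set_cookie(header).problems())
    if cert_not_after is not None:
        days_left = (cert_not_after - review_date).days
        if days_left < 0:
            findings.append(f"certificate expired {-days_left} days ago; renew through the CA")
        elif days_left < 30:  # assumed threshold, not from the exercise
            findings.append(f"certificate expires in {days_left} days; schedule renewal")
    return findings


# Constructed evidence mirroring the table; only the 2025-01-14 expiry is from the page.
REVIEW_DATE = date(2025, 2, 3)
EVIDENCE = {
    "Web Server 1": dict(scheme="http",
                         set_cookie_headers=["adminsession=3f9c1a; Path=/"],
                         cert_not_after=None),
    "Web Server 2": dict(scheme="https",
                         set_cookie_headers=["sessionid=7b2e4d; Path=/; Secure; HttpOnly; SameSite=Strict"],
                         cert_not_after=None),
    "Web Server 3": dict(scheme="https",
                         set_cookie_headers=[],
                         cert_not_after=date(2025, 1, 14)),
}


def triage_all(evidence=EVIDENCE, review_date=REVIEW_DATE):
    """Run the checks for every server and return findings keyed by server name."""
    return {name: triage_server(review_date=review_date, **ev) for name, ev in evidence.items()}


if __name__ == "__main__":
    for server, findings in triage_all().items():
        print(server, "-> non-issue" if not findings else "")
        for finding in findings:
            print("  -", finding)
```

Run it and Web Server 2 comes back with no findings, which is the "submit as non-issue" decision; Web Server 1 is flagged for cleartext transport and every missing cookie flag, and Web Server 3 for a certificate that expired 20 days before the review date.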