0
0
Nginxdevops~20 mins

Why HTTPS secures communication in Nginx - Challenge Your Understanding

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
HTTPS Security Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
How does HTTPS protect data during transmission?

Which of the following best explains why HTTPS secures communication between a client and a server?

AHTTPS encrypts data so that only the intended recipient can read it, preventing eavesdropping.
BHTTPS compresses data to make transmission faster and more efficient.
CHTTPS changes the IP address of the server to hide its location.
DHTTPS stores data locally on the client to avoid sending it over the network.
Attempts:
2 left
💡 Hint

Think about what encryption does to data sent over the internet.

💻 Command Output
intermediate
2:00remaining
Check HTTPS status in nginx configuration

What will be the output of the following command on a server running nginx with HTTPS enabled?

sudo nginx -T | grep listen
Nginx
sudo nginx -T | grep listen
Alisten 80;
Blisten 443 ssl;
Clisten 22;
Dlisten 8080;
Attempts:
2 left
💡 Hint

HTTPS usually uses a specific port number with SSL enabled.

Configuration
advanced
3:00remaining
Identify the correct nginx HTTPS server block snippet

Which nginx server block snippet correctly enables HTTPS with SSL certificate and key?

A
}
;yek.elpmaxe/etavirp/lss/cte/ yek_etacifitrec_lss    
;trc.elpmaxe/strec/lss/cte/ etacifitrec_lss    
;lss 344 netsil    
{ revres
B
server {
    listen 80 ssl;
    ssl_certificate /etc/ssl/certs/example.crt;
    ssl_certificate_key /etc/ssl/private/example.key;
}
C
server {
    listen 443;
    ssl_certificate /etc/ssl/certs/example.crt;
    ssl_certificate_key /etc/ssl/private/example.key;
}
D
server {
    listen 443 ssl;
    ssl_certificate /etc/ssl/certs/example.crt;
    ssl_certificate_key /etc/ssl/private/example.key;
}
Attempts:
2 left
💡 Hint

Check the port number and correct SSL directives.

Troubleshoot
advanced
3:00remaining
Why does nginx fail to start after enabling HTTPS?

After adding SSL configuration to nginx, the server fails to start. Which of the following is the most likely cause?

AThe SSL certificate or key file paths are incorrect or files are missing.
BThe server block is listening on port 80 instead of 443.
CThe nginx user does not have permission to write to /var/log/nginx.
DThe firewall is blocking port 22.
Attempts:
2 left
💡 Hint

Check file paths and permissions related to SSL files.

Best Practice
expert
4:00remaining
Recommended security headers for HTTPS in nginx

Which set of HTTP headers should be added in nginx configuration to improve security for HTTPS websites?

A
add_header Content-Length 0;
add_header Connection close;
add_header Accept-Encoding gzip;
B
add_header Cache-Control no-cache;
add_header Content-Type text/html;
add_header Server nginx;
C
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options DENY;
D
add_header Access-Control-Allow-Origin *;
add_header Content-Security-Policy "default-src *";
add_header X-Powered-By PHP/7.4;
Attempts:
2 left
💡 Hint

Think about headers that protect against common web attacks and enforce HTTPS.