For a stricter CSP policy, which value would you set for default-src to ensure that only specific sources are allowed?
- 'none'
- 'self'
- 'strict-dynamic'
- 'unsafe-inline'
In a strict CSP policy, you would set the 'default-src' value to 'none' to ensure that no resources are allowed by default. To allow only specific sources, you would then specify those sources individually in other CSP directives, like 'script-src', 'style-src', etc.
Loading...
Related Quiz
- What is the primary difference between SSL and its successor, TLS?
- Which part of the HIPAA regulation sets the standards for protecting electronic protected health information?
- In which type of attack does an attacker trick a victim into submitting a malicious request on their behalf?
- What encryption technique involves two interdependent cryptographic keys, one public and one private?
- In TLS, what cryptographic process is used to establish a shared secret between the client and server without ever transmitting the secret itself?