The mode that Joseph use to test this vulnerability is option A:
An attempt to coerce a server or client to adopt a less-secure version of a cryptographic protocol (like TLS or SSL), cipher suite (such an export-grade cipher, rather than a standard one), or connection type is known as a "downgrade attack" (HTTP, instead of HTTPS).
Therefore, in regards to the case with Joseph, the use of a downgrade attack, is one that is seen as a threat actor compels the system to "fall back" to using an earlier, less secure mode of operation rather than continuing to operate in its present, higher security mode. The threat actor is therefore free to assault the weaker mode as a result.
Learn more about Downgrade attack from
https://brainly.com/question/28043482
#SPJ1
See full question below
Joseph, a black hat hacker, is approached by Sigma Technology to check the enterprise's security. He is told that the system is being checked to verify whether the higher-security mode of operations is moved automatically to another version during a cyberattack on the network, making it easier to attack. Which mode should Joseph use to test this vulnerability, and why?
a. Downgrade attack because, in a downgrade attack, an attacker forces the system to abandon the current mode of operation and instead move it to implement a less secure mode.
b. Ciphertext attack because, in a ciphertext attack, an attacker forces the system to abandon the current mode of operation instead of moving it to implement a less secure mode.
c. Attacks on misconfigurations because, in a misconfiguration attack, attackers utilize weak configurations to exploit vulnerabilities.
d. Collision attack because, in a collision attack, attackers utilize weak cryptographic algorithms to exploit vulnerabilities.
