To answer this question, you need to understand the concept of session hijacking and the available countermeasures. Let's go through each option to understand why it is correct or incorrect:
A) Port filtering firewall - This option is incorrect because a port filtering firewall is primarily used to control network traffic based on the ports and protocols being used. While it can help prevent unauthorized access to a system, it is not specifically designed to counter session hijacking.
B) Encryption - This option is correct because encryption can help protect the confidentiality and integrity of session data. By encrypting the data being transmitted between the client and the server, it becomes more difficult for an attacker to intercept and tamper with the session.
C) Session monitoring - This option is incorrect because session monitoring alone is not a countermeasure to session hijacking. Session monitoring can help detect suspicious activities and provide visibility into ongoing sessions, but it does not prevent or mitigate session hijacking attacks.
D) Strong passwords - This option is incorrect because while strong passwords are important for overall security, they are not specifically designed to counter session hijacking. Session hijacking involves unauthorized access to an ongoing session, which is not directly related to the strength of passwords.
The correct answer is B) Encryption. This option is correct because encryption can help protect the confidentiality and integrity of session data, making it harder for attackers to hijack and manipulate the session.