The secure options to set on the web server's response headers are
HTTP Strict Transport Security (HSTS), Content Security Policy (CSP), and Cache-Control.
How can HTTP Strict Transport Security (HSTS) be fixed?
- Go to Edge Certificates in SSL/TLS and disable HSTS. The relevant option is Enable HSTS, under HTTP Strict Transport Security (HSTS). Set the Max Age Header value to 0 (Disable). Set the No-Sniff header to Off if you want to disable it after previously enabling it.
- Double-click the HTTP Response Headers link in the IIS section of the web site pane. Choose Add from the actions pane. Fill in the Name box with the name of the custom HTTP header. Type the value for the custom HTTP header in the Value box.
- Lack of HSTS leaves the site without safeguards against cookie hijacking, man-in-the-middle attacks, and downgrade attacks.
To learn more about HTTP Strict Transport Security refer to:
https://brainly.com/question/28402378
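As an added example (not part of the original answer), the following Python sketch audits a response for the three headers named above and flags the `max-age=0` case that disables HSTS. The one-year minimum, the `no-store` requirement, and the sample header sets are assumptions chosen for illustration.

```python
# Added example; MIN_MAX_AGE and the no-store rule are assumed policy choices.
MIN_MAX_AGE = 31536000  # one year, in seconds (assumption)


def parse_hsts(value):
    """Parse a Strict-Transport-Security value into {directive: value}."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        # Directive names are case-insensitive; values may be quoted.
        directives[name.strip().lower()] = arg.strip().strip('"')
    return directives


def audit_headers(headers):
    """Return a list of findings for a dict of response headers."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("HSTS missing")
    else:
        max_age = parse_hsts(hsts).get("max-age", "")
        if not max_age.isdecimal():
            findings.append("HSTS max-age missing or invalid")
        elif int(max_age) == 0:
            # max-age=0 tells the browser to forget the HSTS policy.
            findings.append("HSTS disabled (max-age=0)")
        elif int(max_age) < MIN_MAX_AGE:
            findings.append("HSTS max-age below policy minimum")
    if "content-security-policy" not in h:
        findings.append("CSP missing")
    tokens = {t.strip().lower() for t in h.get("cache-control", "").split(",")}
    if "no-store" not in tokens:
        findings.append("Cache-Control lacks no-store")
    return findings


# Constructed sample responses (not captured from a real server).
GOOD = {"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
        "Content-Security-Policy": "default-src 'self'",
        "Cache-Control": "no-store"}
DISABLED = {"strict-transport-security": "Max-Age=0",
            "Cache-Control": "public, max-age=600"}

if __name__ == "__main__":
    print(audit_headers(GOOD), audit_headers(DISABLED))
```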