diff --git a/README.md b/README.md
index 733b9f3..76c135f 100644
--- a/README.md
+++ b/README.md
@@ -40,6 +40,7 @@ What we are doing here is mostly collecting useful snippets from all over the in
     - [Block Visitors by Referrer](#block-visitors-by-referrer)
     - [Prevent Framing the Site](#prevent-framing-the-site)
     - [Help to Prevent Cross-Site Scripting](#help-to-prevent-cross-site-scripting)
+    - [Prevents Mime-Sniffing the Incorrect Content-Type(#prevents-mime-sniffing-the-incorrect-content-type)
 - [Performance](#performance)
     - [Compress Text Files](#compress-text-files)
     - [Set Expires Headers](#set-expires-headers)
@@ -338,6 +339,13 @@ This uses the built-in reflective XSS protection found in Internet Explorer, Chr
 Header always set X-Xss-Protection "1; mode=block"
 ```
 
+### Prevents Mime-Sniffing the Incorrect Content-Type
+This reduces the risk of a file, such as an cleverly-misnamed executable, being treated as a different content-type by the browser than the one being declared by the server. It also reduces exposure to drive-by downloads.
+[Source](https://scotthelme.co.uk/hardening-your-http-response-headers/#x-xss-protection)
+``` apacheconf
+Header always set X-Content-Type-Options "nosniff"
+```
+
 ## Performance
 ### Compress Text Files
 ``` apacheconf