Content-Type Sniffing is used to protect against MIME vulnerabilities. This happens when a user uploads a file but disguises it as something else. This is potentially dangerous because a malicious file could be upload to the server and then inject malicious code. The Content-Type Sniffing makes sure that files are served as the MIME file so no malicious code is executed. Here is how to enable the header.
Add the following snippet to your .conf file and reload
add_header X-Content-Type-Options "nosniff"
Add the following snippet to your .htaccess file, save and restart.
Header set X-Content-Type-Options "nosniff"