Which of the following is the best solution for the network administrator to secure each internal website?

seenagapeApril 28, 2016

The chief security officer (CS0) has issued a new policy that requires that all internal websites be
configured for HTTPS traffic only. The network administrator has been tasked to update all internal
sites without incurring additional costs. Which of the following is the best solution for the network
administrator to secure each internal website?

A.
Use certificates signed by the company CA

B.
Use a signing certificate as a wild card certificate

C.
Use certificates signed by a public ca

D.
Use a self-signed certificate on each internal server

7 Comments on “Which of the following is the best solution for the network administrator to secure each internal website?”

Cog says:

July 19, 2016 at 1:50 am

D.Use a self-signed certificate on each internal server

This is a way to “update all internal sites without incurring additional costs”.

To be a CA (Certificate Authority), you need an infrastructure that consists of considerable operational elements, hardware, software, policy frameworks and practice statements, auditing, security infrastructure and personnel.

1

1

Log in to Reply
1. victor says:
  
  October 9, 2016 at 12:39 pm
  
  yes i agree with u
  
  0
  
  0
  
  Log in to Reply
2. Mike says:
  
  April 21, 2018 at 5:43 pm
  
  Agreed!!!!
  
  0
  
  0
  
  Log in to Reply
Lake says:

January 8, 2017 at 11:22 am

The question explicitly specifies without incurring additional costs. Common sense telling us choice D saves more money for the company than choice A. I guess this company already had a CA running and it is why the author picks choice A.

1

0

Log in to Reply
Paul S says:

March 2, 2017 at 6:05 am

Will not pretend to understand the ‘real’ answer. If a company has a Microsoft server, they can become their own CA at no cost and hand out certs to their servers. Each server could also have a self signed certificate at no cost. If I were going with the best solution, I would choose A because a self signed certificate cannot be revoked. Also, for both of the scenarios, each time you run across a new CA as a client, you get a popup that asks you to accept that CA. Not really sure if this is true about self signed certs but I would suspect that each time you go to another server, you have another popup. But if the company issues it, it would appear once, the company’s CA would be listed in the accepted CA table, and you could go to all of the server.
Again, I am almost positive it is A.

3

0

Log in to Reply
1. Clindamycin says:
  
  March 7, 2018 at 12:13 pm
  
  A make more sense
  
  1
  
  0
  
  Log in to Reply
  1. marlonbrando says:
    
    May 11, 2019 at 8:33 pm
    
    moreover, there are choices for C that state about “public CA” I am going with A
    
    1
    
    0
    
    Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

CompTIA Exam Questions

Free CompTIA Study Guide

Which of the following is the best solution for the network administrator to secure each internal website?

7 Comments on “Which of the following is the best solution for the network administrator to secure each internal website?”

Leave a Reply Cancel reply