Question 18

Question

Which of the following is a way to enable a production web server's communications with strong
encryption and identity verification?

Accepted Answer

Creating a private key locally using openssl, creating a certificate request, sending the request to
an external certification provider, and using the provided certificate for HTTPS communication

Amelia W. · Answer

Call it B. Using a CA-signed cert is the standard for production, since self-signed (C) is a trap here and SSH keys (A) are unrelated to HTTPS. Happy to be challenged on this, but that's what I've seen in practice.

Chris E. · Answer

A or C? CompTIA loves tripping us up with SSH vs HTTPS stuff. I picked A since ssh-keygen generates strong keys and it says "enable communication", but now I'm second guessing with all this CA certificate talk...

Riley Q. · Answer

B , SSH keys (A) and self-signed certs (C) trap a lot of folks. CA-signed certs are required in production.

Liam Y. · Answer

Guessing B here. Only CA-signed certs really hit both strong encryption and proper identity verification in production.

Neha · Answer

C tbh

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE